diff options
| author | Andrew Wnuk <awnuk@redhat.com> | 2012-12-06 17:02:17 -0800 |
|---|---|---|
| committer | Andrew Wnuk <awnuk@redhat.com> | 2012-12-06 17:02:17 -0800 |
| commit | 883e0ec158eec04547da6856dbdaef0a8f640cb0 (patch) | |
| tree | 654989963cd7c125312268d8116ce3f033d55a51 /base/common/src/com/netscape/cms/servlet/cert | |
| parent | 8d5eb937f99fd18398401f3f744eb85775293e23 (diff) | |
| download | pki-883e0ec158eec04547da6856dbdaef0a8f640cb0.tar.gz pki-883e0ec158eec04547da6856dbdaef0a8f640cb0.tar.xz pki-883e0ec158eec04547da6856dbdaef0a8f640cb0.zip | |
number verification
This patch improves number verification.
Bug 864397.
Diffstat (limited to 'base/common/src/com/netscape/cms/servlet/cert')
3 files changed, 29 insertions, 5 deletions
diff --git a/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java b/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java index c3a268d14..73b6e8456 100644 --- a/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java +++ b/base/common/src/com/netscape/cms/servlet/cert/DisplayCRL.java @@ -316,13 +316,23 @@ public class DisplayCRL extends CMSServlet { String pageSize = req.getParameter("pageSize"); if (pageStart != null && pageSize != null) { - long lPageStart = new Long(pageStart).longValue(); - long lPageSize = new Long(pageSize).longValue(); + long lPageStart = 0L; + long lPageSize = 0L; + try { + lPageStart = new Long(pageStart).longValue(); + } catch (NumberFormatException e) { + } + try { + lPageSize = new Long(pageSize).longValue(); + } catch (NumberFormatException e) { + } if (lPageStart < 1) lPageStart = 1; // if (lPageStart + lPageSize - lCRLSize > 1) // lPageStart = lCRLSize - lPageSize + 1; + if (lPageSize < 1) + lPageSize = 10; header.addStringValue( "crlPrettyPrint", crlDetails.toString(locale, diff --git a/base/common/src/com/netscape/cms/servlet/cert/GetCRL.java b/base/common/src/com/netscape/cms/servlet/cert/GetCRL.java index 9bfbc86f9..346dd2d34 100644 --- a/base/common/src/com/netscape/cms/servlet/cert/GetCRL.java +++ b/base/common/src/com/netscape/cms/servlet/cert/GetCRL.java @@ -312,11 +312,21 @@ public class GetCRL extends CMSServlet { String pageSize = args.getValueAsString("pageSize", null); if (pageStart != null && pageSize != null) { - long lPageStart = new Long(pageStart).longValue(); - long lPageSize = new Long(pageSize).longValue(); + long lPageStart = 0L; + long lPageSize = 0L; + try { + lPageStart = new Long(pageStart).longValue(); + } catch (NumberFormatException e) { + } + try { + lPageSize = new Long(pageSize).longValue(); + } catch (NumberFormatException e) { + } if (lPageStart < 1) lPageStart = 1; + if (lPageSize < 1) + lPageSize = 10; header.addStringValue("crlPrettyPrint", crlDetails.toString(locale[0], diff --git a/base/common/src/com/netscape/cms/servlet/cert/RequestProcessor.java b/base/common/src/com/netscape/cms/servlet/cert/RequestProcessor.java index 74a3183d6..508cd72c1 100644 --- a/base/common/src/com/netscape/cms/servlet/cert/RequestProcessor.java +++ b/base/common/src/com/netscape/cms/servlet/cert/RequestProcessor.java @@ -103,7 +103,11 @@ public class RequestProcessor extends CertProcessor { String requestNonce = data.getNonce(); boolean nonceVerified = false; if (requestNonce != null) { - long nonce = Long.parseLong(requestNonce.trim()); + long nonce = 0L; + try { + nonce = Long.parseLong(requestNonce.trim()); + } catch (NumberFormatException e) { + } X509Certificate cert1 = nonces.getCertificate(nonce); X509Certificate cert2 = getSSLClientCertificate(request); if (cert1 == null) { |