CVE-2021-42340

(cherry picked from commit 1694902243ce79fce784212b0fbe1fa48fc73d7a)

CVE-2021-42340.patch

@@ -0,0 +1,54 @@
+From cd2150ff02c592c1ab6da219302ff80f589559fe Mon Sep 17 00:00:00 2001
+From: remm <remm@apache.org>
+Date: Thu, 28 Oct 2021 11:32:47 +0800
+Subject: [PATCH] Close WebConnection
+
+---
+ .../tomcat/websocket/server/WsHttpUpgradeHandler.java     | 3 +++
+ webapps/docs/changelog.xml                                | 8 ++++++++
+ 2 files changed, 11 insertions(+)
+
+diff --git a/java/org/apache/tomcat/websocket/server/WsHttpUpgradeHandler.java b/java/org/apache/tomcat/websocket/server/WsHttpUpgradeHandler.java
+index 5dd1c5a..703f17a 100644
+--- a/java/org/apache/tomcat/websocket/server/WsHttpUpgradeHandler.java
++++ b/java/org/apache/tomcat/websocket/server/WsHttpUpgradeHandler.java
+@@ -99,6 +99,7 @@ public class WsHttpUpgradeHandler implements InternalHttpUpgradeHandler {
+ 
+     @Override
+     public void init(WebConnection connection) {
++	this.connection = connection;
+         if (ep == null) {
+             throw new IllegalStateException(
+                     sm.getString("wsHttpUpgradeHandler.noPreInit"));
+@@ -203,7 +204,9 @@ public class WsHttpUpgradeHandler implements InternalHttpUpgradeHandler {
+ 
+     @Override
+     public void destroy() {
++	WebConnection connection = this.connection;
+         if (connection != null) {
++            this.connection = null;
+             try {
+                 connection.close();
+             } catch (Exception e) {
+diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
+index a7bb52c..a97e15d 100644
+--- a/webapps/docs/changelog.xml
++++ b/webapps/docs/changelog.xml
+@@ -338,6 +338,14 @@
+       </fix>
+     </changelog>
+   </subsection>
++  <subsection name="WebSocket">
++    <changelog>
++      <fix>
++	The internal upgrade handler should close the associated
++        <code>WebConnection</code> on destroy. (remm)
++      </fix>
++    </changelog>
++  </subsection>
+   <subsection name="Web applications">
+     <changlog>
+       <fix>
+-- 
+2.27.0
+

tomcat.spec

@@ -13,7 +13,7 @@
 Name:          tomcat
 Epoch:         1
 Version:       %{major_version}.%{minor_version}.%{micro_version}
-Release:       21
+Release:       22
 Summary:       Implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies
 License:       ASL 2.0
 URL:           http://tomcat.apache.org/
@@ -99,6 +99,7 @@ Patch6054: CVE-2021-30640-6.patch
 Patch6055: CVE-2021-30640-7.patch
 Patch6056: CVE-2021-30640-8.patch
 Patch6057: CVE-2021-41079.patch
+Patch6058: CVE-2021-42340.patch
 
 BuildRequires: ecj >= 1:4.6.1 findutils apache-commons-collections apache-commons-daemon
 BuildRequires: apache-commons-dbcp apache-commons-pool tomcat-taglibs-standard ant
@@ -500,6 +501,9 @@ fi
 %{_javadocdir}/%{name}
 
 %changelog
+* Thu Oct 28 2021 liwu <liwu13@huawei.com> - 1:9.0.10-22
+- Fix CVE-2021-42340
+
 * Sat Oct 9 2021 houyingchao <houyingchao@huawei.com> - 1:9.0.10-21
 - Fix CVE-2021-41079