From 2748e80d0df50d0ae37c0b743d33acb24440900a Mon Sep 17 00:00:00 2001
From: "rogan.dawes" <rogan.dawes@4033779f-a91e-0410-96ef-6bf7bf53c507>
Date: Tue, 10 Jul 2007 11:48:53 +0000
Subject: [PATCH] Make mySession a method scoped variable, not an instance var

This should fix a concurrency bug, although it is unlikely to
be exploitable/exploited


git-svn-id: http://webgoat.googlecode.com/svn/trunk@132 4033779f-a91e-0410-96ef-6bf7bf53c507
---
 .../org/owasp/webgoat/HammerHead.java         | 30 +++++--------------
 1 file changed, 7 insertions(+), 23 deletions(-)

diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/HammerHead.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/HammerHead.java
index 76fb4bef4..f380bb8c4 100644
--- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/HammerHead.java	
+++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/HammerHead.java	
@@ -6,7 +6,6 @@ import java.sql.SQLException;
 import java.text.SimpleDateFormat;
 import java.util.Date;
 import java.util.Enumeration;
-import java.util.List;
 import java.util.Locale;
 import java.util.TimeZone;
 
@@ -68,11 +67,6 @@ public class HammerHead extends HttpServlet
      */
     protected static SimpleDateFormat httpDateFormat;
 
-    /**
-     * Description of the Field
-     */
-    protected WebSession mySession;
-
     /**
      * Set the session timeout to be 2 days
      */
@@ -122,6 +116,7 @@ public class HammerHead extends HttpServlet
     {
 	Screen screen = null;
 
+	WebSession mySession = null;
 	try
 	{
 	    // System.out.println( "HH Entering doPost: " );
@@ -198,7 +193,7 @@ public class HammerHead extends HttpServlet
 	{
 	    try
 	    {
-		this.writeScreen(screen, response);
+		this.writeScreen(mySession, screen, response);
 	    }
 	    catch (Throwable thr)
 	    {
@@ -314,17 +309,6 @@ public class HammerHead extends HttpServlet
 	System.out.println(output);
     }
 
-
-    public List getCategories()
-    {
-	Course course = mySession.getCourse();
-
-	// May need to clone the List before returning it.
-	// return new ArrayList(course.getCategories());
-	return course.getCategories();
-    }
-
-
     /*
      * public List getLessons(Category category, String role) { Course
      * course = mySession.getCourse(); // May need to clone the List before
@@ -524,7 +508,7 @@ public class HammerHead extends HttpServlet
      * @exception IOException
      *            Description of the Exception
      */
-    protected void writeScreen(Screen s, HttpServletResponse response)
+    protected void writeScreen(WebSession s, Screen screen, HttpServletResponse response)
 	    throws IOException
     {
 	response.setContentType("text/html");
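Review bot: The Javadoc for writeScreen, which begins above this hunk, is not updated for the new parameter list: only the `@exception IOException` tag is visible here, and any `@param` tags it carries would still describe `s` as the Screen while saying nothing about the WebSession that now comes first. Add `@param s the WebSession used to build an ErrorScreen when no screen is supplied` and `@param screen the Screen to write to the response`, keeping them in declaration order. Naming the first parameter `session` instead of `s` would also make the change self-describing, since `s` previously meant the screen throughout this method. The body of writeScreen continues past the end of this hunk.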
@@ -533,15 +517,15 @@ public class HammerHead extends HttpServlet
 
 	if (s == null)
 	{
-	    s = new ErrorScreen(mySession, "Page to display was null");
+	    screen = new ErrorScreen(s, "Page to display was null");
 	}
 
 	// set the content-length of the response.
 	// Trying to avoid chunked-encoding. (Aspect required)
-	response.setContentLength(s.getContentLength());
-	response.setHeader("Content-Length", s.getContentLength() + "");
+	response.setContentLength(screen.getContentLength());
+	response.setHeader("Content-Length", screen.getContentLength() + "");
 
-	s.output(out);
+	screen.output(out);
 	out.close();
     }
 }
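Review bot: The guard `if (s == null)` now tests the WebSession parameter rather than the Screen, because the rename in the signature moved the screen into `screen`; a null screen therefore reaches `screen.getContentLength()` and throws a NullPointerException instead of being replaced by the ErrorScreen, while a null session is handed straight to `new ErrorScreen(s, ...)`. Change the condition to `if (screen == null)`. The `out` writer is obtained above the hunk, and its `out.close()` remains outside any finally block as it was before this change, so an exception from `screen.output(out)` still leaks the writer; writeScreen's body begins outside this hunk.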