httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 14453] New: - mod_rewrite external programs disrupted by URLs with newlines in
Date Mon, 11 Nov 2002 17:53:02 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14453>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14453

mod_rewrite external programs disrupted by URLs with newlines in

           Summary: mod_rewrite external programs disrupted by URLs with
                    newlines in
           Product: Apache httpd-1.3
           Version: 1.3.26
          Platform: Sun
        OS/Version: Solaris
            Status: NEW
          Severity: Critical
          Priority: Other
         Component: mod_rewrite
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: Philip.Naylor@uwe.ac.uk


We are using mod_rewrite with an external rewrite program to produce an inbound 
proxy that splits requests between staff and student back-end servers.

Occassionally the rewrite program starts returning results that relate to 
previous requests, rather than the current one and the server has to be
restarted.

Having added some extra debugging to mod_rewrite.c I have determined that (at
least on the last occassion) the problem is with someone trying to access a
URL that has a newline character encoded in it :

http://www.cems.uwe.ac.uk/~opkgyaas%0a/images/livingeaston.JPG

The customised debug output when this happens is :

lookup_map_program: called for /~jsmith/ec/perm+csp/sld026.htm
rewritelock_alloc: called for /~jsmith/ec/perm+csp/sld026.htm
fd_lock: called for /~jsmith/ec/perm+csp/sld026.htm
fd_lock: ended fcntl() loop [rc=0, errno=11, EINTR=4] for /~jsmith/ec/perm+csp/s
ld026.htm
fd_lock: got lock for /~jsmith/ec/perm+csp/sld026.htm
lookup_map_program: rewrote -
        203.197.98.2,/~jsmith/ec/perm+csp/sld026.htm to http://web03.cems.uwe.ac
.uk/~jsmith/ec/perm+csp/sld026.htm
                 for /~jsmith/ec/perm+csp/sld026.htm
rewritelock_free: called for /~jsmith/ec/perm+csp/sld026.htm
fd_unlock: called for /~jsmith/ec/perm+csp/sld026.htm
fd_unlock: unlocked for /~jsmith/ec/perm+csp/sld026.htm
lookup_map_program: called for /~jsmith/ec/perm+csp/img026.gif
rewritelock_alloc: called for /~jsmith/ec/perm+csp/img026.gif
fd_lock: called for /~jsmith/ec/perm+csp/img026.gif
fd_lock: ended fcntl() loop [rc=0, errno=11, EINTR=4] for /~jsmith/ec/perm+csp/i
mg026.gif
fd_lock: got lock for /~jsmith/ec/perm+csp/img026.gif
lookup_map_program: rewrote -
        203.197.98.2,/~jsmith/ec/perm+csp/img026.gif to http://web03.cems.uwe.ac
.uk/~jsmith/ec/perm+csp/img026.gif
                 for /~jsmith/ec/perm+csp/img026.gif
rewritelock_free: called for /~jsmith/ec/perm+csp/img026.gif
fd_unlock: called for /~jsmith/ec/perm+csp/img026.gif
fd_unlock: unlocked for /~jsmith/ec/perm+csp/img026.gif
lookup_map_program: called for /~opkgyaas
/images/livingeaston.JPG
rewritelock_alloc: called for /~opkgyaas
/images/livingeaston.JPG
fd_lock: called for /~opkgyaas
/images/livingeaston.JPG
fd_lock: ended fcntl() loop [rc=0, errno=2, EINTR=4] for /~opkgyaas
/images/livingeaston.JPG
fd_lock: got lock for /~opkgyaas
/images/livingeaston.JPG
lookup_map_program: rewrote -
        209.237.238.163,/~opkgyaas
/images/livingeaston.JPG to http://www.cems.uwe.ac.uk/blocked.html
                 for /~opkgyaas
/images/livingeaston.JPG
rewritelock_free: called for /~opkgyaas
/images/livingeaston.JPG
fd_unlock: called for /~opkgyaas
/images/livingeaston.JPG
fd_unlock: unlocked for /~opkgyaas
/images/livingeaston.JPG
lookup_map_program: called for /~jsmith/ec/perm+csp/sld027.htm
rewritelock_alloc: called for /~jsmith/ec/perm+csp/sld027.htm
fd_lock: called for /~jsmith/ec/perm+csp/sld027.htm
fd_lock: ended fcntl() loop [rc=0, errno=11, EINTR=4] for /~jsmith/ec/perm+csp/s
ld027.htm
fd_lock: got lock for /~jsmith/ec/perm+csp/sld027.htm
lookup_map_program: rewrote -
        203.197.98.2,/~jsmith/ec/perm+csp/sld027.htm to NULL
                 for /~jsmith/ec/perm+csp/sld027.htm
rewritelock_free: called for /~jsmith/ec/perm+csp/sld027.htm
fd_unlock: called for /~jsmith/ec/perm+csp/sld027.htm
fd_unlock: unlocked for /~jsmith/ec/perm+csp/sld027.htm
lookup_map_program: called for /~ngunton/worksheets/shell.pdf
rewritelock_alloc: called for /~ngunton/worksheets/shell.pdf
fd_lock: called for /~ngunton/worksheets/shell.pdf
fd_lock: ended fcntl() loop [rc=0, errno=11, EINTR=4] for /~ngunton/worksheets/s
hell.pdf
fd_lock: got lock for /~ngunton/worksheets/shell.pdf
lookup_map_program: rewrote -
        66.130.224.176,/~ngunton/worksheets/shell.pdf to http://web03.cems.uwe.a
c.uk/~jsmith/ec/perm+csp/sld027.htm
                 for /~ngunton/worksheets/shell.pdf
rewritelock_free: called for /~ngunton/worksheets/shell.pdf
fd_unlock: called for /~ngunton/worksheets/shell.pdf
fd_unlock: unlocked for /~ngunton/worksheets/shell.pdf
lookup_map_program: called for /~ngunton/worksheets/first.gif
rewritelock_alloc: called for /~ngunton/worksheets/first.gif
fd_lock: called for /~ngunton/worksheets/first.gif
fd_lock: ended fcntl() loop [rc=0, errno=9, EINTR=4] for /~ngunton/worksheets/fi
rst.gif
fd_lock: got lock for /~ngunton/worksheets/first.gif
lookup_map_program: rewrote -
        66.130.224.176,/~ngunton/worksheets/first.gif to http://web03.cems.uwe.a
c.uk/~ngunton/worksheets/shell.pdf
                 for /~ngunton/worksheets/first.gif
rewritelock_free: called for /~ngunton/worksheets/first.gif
fd_unlock: called for /~ngunton/worksheets/first.gif
fd_unlock: unlocked for /~ngunton/worksheets/first.gif


Since the external rewrite programs rely on receiving newline delimited data
on stdin, any newlines should really be stripped out, or URL encoded, before
they receive them.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message