httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r..@apache.org (Ralf S. Engelschall)
Subject cvs commit: apache/src CHANGES mod_imap.c
Date Fri, 01 Aug 1997 08:48:20 GMT
rse         97/08/01 01:48:19

  Modified:    src       Tag: APACHE_1_2_X  CHANGES mod_imap.c
  Log:
  Fixed an infinite loop for references above the server root.
  
  PR:	748
  Submitted by:	Dean Gaudet
  Reviewed by:	Brian Behlendorf
  
  Revision  Changes    Path
  No                   revision
  
  
  No                   revision
  
  
  1.286.2.38 +3 -0      apache/src/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /export/home/cvs/apache/src/CHANGES,v
  retrieving revision 1.286.2.37
  retrieving revision 1.286.2.38
  diff -u -r1.286.2.37 -r1.286.2.38
  --- CHANGES	1997/07/31 08:50:01	1.286.2.37
  +++ CHANGES	1997/08/01 08:48:16	1.286.2.38
  @@ -1,5 +1,8 @@
   Changes with Apache 1.2.2
   
  +  *) Fixed an infinite loop in mod_imap for references above the server root
  +     [Dean Gaudet] PR#748
  +
     *) mod_include cleanup showed that handle_else was being used to handle
        endif.  It didn't cause problems, but it was cleaned up too.
        [Howard Fear]
  
  
  
  1.21.2.1  +4 -0      apache/src/mod_imap.c
  
  Index: mod_imap.c
  ===================================================================
  RCS file: /export/home/cvs/apache/src/mod_imap.c,v
  retrieving revision 1.21
  retrieving revision 1.21.2.1
  diff -u -r1.21 -r1.21.2.1
  --- mod_imap.c	1997/04/12 04:24:58	1.21
  +++ mod_imap.c	1997/08/01 08:48:17	1.21.2.1
  @@ -475,6 +475,10 @@
   	  }
   
   	  value += 2;      /* jump over the '..' that we found in the value */
  +      } else if (directory) {
  +	url[0] = '\0';
  +	log_reason("invalid directory name in map file", r->uri, r);
  +	return;
         }
         
         if (! strncmp(value, "/../", 4) || ! strcmp(value, "/..") )
  
  
  

Mime
View raw message