httpd-cvs mailing list archives

From f...@hyperreal.org
Subject cvs commit: apache-1.3/src/modules/standard mod_vhost_alias.c
Date Mon, 20 Dec 1999 05:24:29 GMT
fanf        99/12/19 21:24:28

  Modified:    src/modules/standard mod_vhost_alias.c
  Log:
  Fix for the security problem spotted by Lars Eilebrecht <lars@hyperreal.org>
  
  Revision  Changes    Path
  1.3       +9 -4      apache-1.3/src/modules/standard/mod_vhost_alias.c
  
  Index: mod_vhost_alias.c
  ===================================================================
  RCS file: /home/cvs/apache-1.3/src/modules/standard/mod_vhost_alias.c,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- mod_vhost_alias.c	1999/06/22 15:33:17	1.2
  +++ mod_vhost_alias.c	1999/12/20 05:24:22	1.3
  @@ -278,8 +278,8 @@
       }
   }
   
  -static void vhost_alias_interpolate(request_rec *r, const char *name,
  -				    const char *map, const char *uri)
  +static int vhost_alias_interpolate(request_rec *r, const char *name,
  +				   const char *map, const char *uri)
   {
       /* 0..9 9..0 */
       enum { MAXDOTS = 19 };
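Review bot: The new `int` return of `vhost_alias_interpolate` is not documented anywhere in this hunk, so a reader cannot tell from the signature that the value is an HTTP status which callers must check. A comment above the definition would cover it, for example `/* Returns OK, or HTTP_BAD_REQUEST if the interpolated part of name contains a character other than alphanumerics, '-' or '.'. */`. The function body continues outside this hunk.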
  @@ -391,6 +391,8 @@
   	}
   	vhost_alias_checkspace(r, buf, &dest, end - start);
   	for (p = start; p < end; ++p) {
  +	    if (!isalnum(*p) && *p != '-' && *p != '.')
  +		return HTTP_BAD_REQUEST;
   	    *dest++ = ap_tolower(*p);
   	}
       }
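Review bot: `isalnum(*p)` in the added check is passed what is presumably a plain `char` (the declaration of `p` is outside the hunk). Where `char` is signed, a host-name byte above 0x7f becomes a negative argument, which is undefined behaviour for the `<ctype.h>` functions, and in a non-C locale such bytes may even be classified as alphanumeric. The next line already uses the `ap_tolower` wrapper, so the check should be equally careful, e.g. `if (!isalnum((unsigned char)*p) && *p != '-' && *p != '.')`, or the matching `ap_` wrapper if the tree provides one. The filter is also per character, so a run of consecutive dots still passes into `buf`. Whether `name` can contain such a run depends on validation outside this hunk and is worth confirming.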
  @@ -405,6 +407,7 @@
       else {
   	r->filename = ap_pstrcat(r->pool, buf, uri, NULL);
       }
  +    return OK;
   }
   
   static int mva_translate(request_rec *r)
  @@ -412,7 +415,7 @@
       mva_sconf_t *conf;
       const char *name, *map, *uri;
       mva_mode_e mode;
  -    int cgi;
  +    int cgi, bad;
     
       conf = (mva_sconf_t *) ap_get_module_config(r->server->module_config,
   					      &vhost_alias_module);
  @@ -446,7 +449,9 @@
   	return DECLINED;
       }
   
  -    vhost_alias_interpolate(r, name, map, uri);
  +    bad = vhost_alias_interpolate(r, name, map, uri);
  +    if (bad != OK)
  +	return bad;
   
       if (cgi) {
   	/* see is_scriptaliased() in mod_cgi */
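Review bot: The rejection path `if (bad != OK) return bad;` returns the 400 without writing anything to the error log, so an operator has no record that a request was refused because of its host name. A line such as `ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r, "vhost_alias: invalid character in host name");` before the return would make these rejections visible. Keep the message fixed rather than echoing the raw name, since the name is exactly what failed validation. As a point of style, `bad` holds a status code and would read more clearly as `status`. `mva_translate` starts and ends outside this hunk.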
  
  
  
