httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From f...@apache.org
Subject cvs commit: httpd-2.0/modules/mappers mod_rewrite.c mod_rewrite.h
Date Thu, 18 Jan 2001 22:36:59 GMT
fanf        01/01/18 14:36:59

  Modified:    .        CHANGES
               modules/mappers mod_rewrite.c mod_rewrite.h
  Log:
  Bring forward from 1.3:
  
  I broke mod_rewrite by modifying strings in place when expanding them,
  because variable lookups can cause subrequests which cause mod_rewrite
  to do its stuff again including an expansion on the same string, which
  is then syntactically invalid. So copy the lookup keys somewhere else
  before using them in such a way that may cause recursion.
  
  In addition to this, my parser could also be confused by complicated
  nested rewrite map expansions like ${map1:${map2:key|dflt}|dflt} so
  fix that too by keeping track of {} when looking for |.
  
  PR:             7087
  
  Revision  Changes    Path
  1.43      +4 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.42
  retrieving revision 1.43
  diff -u -u -r1.42 -r1.43
  --- CHANGES	2001/01/18 21:04:42	1.42
  +++ CHANGES	2001/01/18 22:36:57	1.43
  @@ -1,5 +1,9 @@
   Changes with Apache 2.0b1
   
  +  *) Fix the handling of variable expansion look-ahead in mod_rewrite,
  +     i.e. syntax like %{LA-U:REMOTE_USER}, and also fix the parsing of
  +     more complicated nested RewriteMap lookups. PR#7087 [Tony Finch]
  +
     *) Fix the RFC number mentioned when complaining about a missing
        Host: header. PR#7079 [Alexey Toptygin <alexeyt@wam.umd.edu>]
   
  
  
  
  1.60      +51 -25    httpd-2.0/modules/mappers/mod_rewrite.c
  
  Index: mod_rewrite.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/mappers/mod_rewrite.c,v
  retrieving revision 1.59
  retrieving revision 1.60
  diff -u -u -r1.59 -r1.60
  --- mod_rewrite.c	2001/01/17 15:52:10	1.59
  +++ mod_rewrite.c	2001/01/18 22:36:58	1.60
  @@ -2288,7 +2288,13 @@
   	    if (endp == NULL) {
   		goto skip;
   	    }
  -	    *endp = '\0';
  +	    /*
  +	     * These lookups may be recursive in a very convoluted
  +	     * fashion -- see the LA-U and LA-F variable expansion
  +	     * prefixes -- so we copy lookup keys to a separate buffer
  +	     * rather than adding zero bytes in order to use them in
  +	     * place.
  +	     */
   	    if (inp[0] == '$') {
   		/* ${...} map lookup expansion */
   		/*
  @@ -2303,43 +2309,39 @@
   		 * looking at it is that the recursion is entirely
   		 * driven by the syntax of the nested curly brackets.
   		 */
  -		char *key, *dflt, *result;
  +		char *map, *key, *dflt, *result;
   		char xkey[MAX_STRING_LEN];
   		char xdflt[MAX_STRING_LEN];
  -		char *empty = "";
  -		key = strchr(inp, ':');
  -		if (key == NULL) {
  -		    *endp = '}';
  +		key = find_char_in_brackets(inp, ':', '{', '}');
  +		if (key == NULL)
   		    goto skip;
  -		}
  -		*key++ = '\0';
  -		dflt = strchr(key, '|');
  +		map  = apr_pstrndup(r->pool, inp+2, key-inp-2);
  +		dflt = find_char_in_brackets(inp, '|', '{', '}');
   		if (dflt == NULL) {
  -		    dflt = empty;
  -		}
  -		else {
  -		    *dflt++ = '\0';
  +		    key  = apr_pstrndup(r->pool, key+1, endp-key-1);
  +		    dflt = "";
  +		} else {
  +		    key  = apr_pstrndup(r->pool, key+1, dflt-key-1);
  +		    dflt = apr_pstrndup(r->pool, dflt+1, endp-dflt-1);
   		}
   		do_expand(r, key,  xkey,  sizeof(xkey),  briRR, briRC);
  -		do_expand(r, dflt, xdflt, sizeof(xdflt), briRR, briRC);
  -		result = lookup_map(r, inp+2, xkey);
  -		if (result == NULL) {
  -		    result = xdflt;
  -		}
  -		span = apr_cpystrn(outp, result, space) - outp;
  -		key[-1] = ':';
  -		if (dflt != empty) {
  -		    dflt[-1] = '|';
  +		result = lookup_map(r, map, xkey);
  +		if (result) {
  +		    span = apr_cpystrn(outp, result, space) - outp;
  +		} else {
  +		    do_expand(r, dflt, xdflt, sizeof(xdflt), briRR, briRC);
  +		    span = apr_cpystrn(outp, xdflt, space) - outp;
   		}
   	    }
   	    else if (inp[0] == '%') {
   		/* %{...} variable lookup expansion */
  -		span = apr_cpystrn(outp, lookup_variable(r, inp+2), space) - outp;
  +		char *var;
  +		var  = apr_pstrndup(r->pool, inp+2, endp-inp-2);
  +		span = apr_cpystrn(outp, lookup_variable(r, var), space) - outp;
   	    }
   	    else {
   		span = 0;
   	    }
  -	    *endp = '}';
   	    inp = endp+1;
   	    outp += span;
   	    space -= span;
  @@ -4073,7 +4075,7 @@
   
   /*
   **
  -**  Find end of bracketed expression
  +**  Bracketed expression handling
   **  s points after the opening bracket
   **
   */
  @@ -4092,6 +4094,30 @@
       }
       return NULL;
   }
  +
  +static char *find_char_in_brackets(char *s, int c, int left, int right)
  +{
  +    int depth;
  +
  +    for (depth = 1; *s; ++s) {
  +	if (*s == c && depth == 1) {
  +	    return s;
  +	}
  +	else if (*s == right && --depth == 0) {
  +	    return NULL;
  +	}
  +	else if (*s == left) {
  +	    ++depth;
  +	}
  +    }
  +    return NULL;
  +}
  +
  +/*
  +**
  +** Module paraphernalia
  +**
  +*/
   
   #ifdef NETWARE
   int main(int argc, char *argv[]) 
  
  
  
  1.20      +2 -1      httpd-2.0/modules/mappers/mod_rewrite.h
  
  Index: mod_rewrite.h
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/mappers/mod_rewrite.h,v
  retrieving revision 1.19
  retrieving revision 1.20
  diff -u -u -r1.19 -r1.20
  --- mod_rewrite.h	2000/10/18 04:50:25	1.19
  +++ mod_rewrite.h	2001/01/18 22:36:58	1.20
  @@ -469,8 +469,9 @@
       /* Lexicographic Comparison */
   static int compare_lexicography(char *cpNum1, char *cpNum2);
   
  -    /* Find end of bracketed expression */
  +    /* Bracketed expression handling */
   static char *find_closing_bracket(char *s, int left, int right);
  +static char *find_char_in_brackets(char *s, int c, int left, int right);
   
   #endif /* _MOD_REWRITE_H */
   
  
  
  

Mime
View raw message