httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r..@apache.org
Subject cvs commit: httpd-2.0/modules/generators mod_cgi.c
Date Thu, 27 Jun 2002 06:07:58 GMT
rbb         2002/06/26 23:07:58

  Modified:    .        CHANGES
               os/unix  unixd.c
               modules/generators mod_cgi.c
  Log:
  Fix a long-standing bug in 2.0, CGI scripts were being called
  with relative paths instead of absolute paths.  Apache 1.3 used
  absolute paths for everything except for SuExec, this brings back
  that standard.
  
  Revision  Changes    Path
  1.853     +5 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.852
  retrieving revision 1.853
  diff -u -r1.852 -r1.853
  --- CHANGES	27 Jun 2002 04:40:47 -0000	1.852
  +++ CHANGES	27 Jun 2002 06:07:57 -0000	1.853
  @@ -1,5 +1,10 @@
   Changes with Apache 2.0.40
   
  +  *) Fix a long-standing bug in 2.0, CGI scripts were being called
  +     with relative paths instead of absolute paths.  Apache 1.3 used
  +     absolute paths for everything except for SuExec, this brings back
  +     that standard.  [Ryan Bloom]
  +
     *) Fix infinite loop due to two HTTP_IN filters being present for
        internally redirected requests.  PR 10146.  [Justin Erenkrantz]
   
  
  
  
  1.54      +12 -1     httpd-2.0/os/unix/unixd.c
  
  Index: unixd.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/os/unix/unixd.c,v
  retrieving revision 1.53
  retrieving revision 1.54
  diff -u -r1.53 -r1.54
  --- unixd.c	26 May 2002 08:27:10 -0000	1.53
  +++ unixd.c	27 Jun 2002 06:07:58 -0000	1.54
  @@ -326,11 +326,22 @@
       const char **newargs;
       char *newprogname;
       char *execuser, *execgroup;
  +    const char *argv0;
   
       if (!unixd_config.suexec_enabled) {
           return apr_proc_create(newproc, progname, args, env, attr, p);
       }
   
  +    argv0 = strrchr(progname, '/');
  +    /* Allow suexec's "/" check to succeed */
  +    if (argv0 != NULL) {
  +        argv0++;
  +    }
  +    else {
  +        argv0 = progname;
  +    }
  +
  +
       if (ugid->userdir) {
           execuser = apr_psprintf(p, "~%ld", (long) ugid->uid);
       }
  @@ -355,7 +366,7 @@
       newargs[0] = SUEXEC_BIN;
       newargs[1] = execuser;
       newargs[2] = execgroup;
  -    newargs[3] = apr_pstrdup(p, progname);
  +    newargs[3] = apr_pstrdup(p, argv0);
   
       /*
       ** using a shell to execute suexec makes no sense thus
  
  
  
  1.146     +1 -7      httpd-2.0/modules/generators/mod_cgi.c
  
  Index: mod_cgi.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/generators/mod_cgi.c,v
  retrieving revision 1.145
  retrieving revision 1.146
  diff -u -r1.145 -r1.146
  --- mod_cgi.c	23 Jun 2002 04:05:17 -0000	1.145
  +++ mod_cgi.c	27 Jun 2002 06:07:58 -0000	1.146
  @@ -513,13 +513,7 @@
       const char *args = NULL;
   
       if (e_info->process_cgi) {
  -        /* Allow suexec's "/" check to succeed */
  -        const char *argv0 = strrchr(r->filename, '/');
  -        if (argv0 != NULL)
  -            argv0++;
  -        else
  -            argv0 = r->filename;
  -        *cmd = argv0;
  +        *cmd = r->filename;
           args = r->args;
           /* Do not process r->args if they contain an '=' assignment 
            */
  
  
  

Mime
View raw message