httpd-cvs mailing list archives

From gst...@apache.org
Subject cvs commit: httpd-2.0/modules/dav/main mod_dav.c
Date Tue, 15 Oct 2002 23:23:15 GMT
gstein      2002/10/15 16:23:15

  Modified:    modules/dav/main mod_dav.c
  Log:
  Code a bit more defensively. If dav_lookup_uri() ever placed user
  input into lookup.err.desc for the HTTP_BAD_REQUEST case, then we
  could have problems (via a format string attack). This change frees us
  from *future* worries.
  
  Revision  Changes    Path
  1.91      +4 -4      httpd-2.0/modules/dav/main/mod_dav.c
  
  Index: mod_dav.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/dav/main/mod_dav.c,v
  retrieving revision 1.90
  retrieving revision 1.91
  diff -u -r1.90 -r1.91
  --- mod_dav.c	30 Sep 2002 05:10:07 -0000	1.90
  +++ mod_dav.c	15 Oct 2002 23:23:15 -0000	1.91
  @@ -2522,7 +2522,7 @@
           if (lookup.err.status == HTTP_BAD_REQUEST) {
               /* This supplies additional information for the default message. */
               ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
  -                          lookup.err.desc);
  +                          "%s", lookup.err.desc);
               return HTTP_BAD_REQUEST;
           }
   
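Review bot: The comment above each of the four patched ap_log_rerror() calls (this hunk and the ones at 3684, 4147 and 4269) does not say why the literal `"%s"` is there, so a later cleanup could fold the call back to passing lookup.err.desc as the format. I would extend it along the lines of `/* desc is data, not a format: always log it through "%s". */`. Because the same four lines are repeated at every site, a small static helper that logs the description and returns HTTP_BAD_REQUEST would keep that rule in one place; the enclosing functions start and end outside the hunks. Building with `-Wformat-security` should also flag any non-literal format call that remains, assuming the ap_log_rerror() prototype carries a printf format attribute.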
  @@ -3684,7 +3684,7 @@
               if (lookup.err.status == HTTP_BAD_REQUEST) {
                   /* This supplies additional information for the default message. */
                   ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
  -                              lookup.err.desc);
  +                              "%s", lookup.err.desc);
                   return HTTP_BAD_REQUEST;
               }
   
  @@ -4147,7 +4147,7 @@
           if (lookup.err.status == HTTP_BAD_REQUEST) {
               /* This supplies additional information for the default message. */
               ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
  -                          lookup.err.desc);
  +                          "%s", lookup.err.desc);
               return HTTP_BAD_REQUEST;
           }
   
  @@ -4269,7 +4269,7 @@
           if (lookup.err.status == HTTP_BAD_REQUEST) {
               /* This supplies additional information for the default message. */
               ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
  -                          lookup.err.desc);
  +                          "%s", lookup.err.desc);
               return HTTP_BAD_REQUEST;
           }
           else if (lookup.err.status == HTTP_BAD_GATEWAY) {
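Review bot: The `else if (lookup.err.status == HTTP_BAD_GATEWAY)` branch that follows the patched call reads the same lookup.err, and its body lies outside this hunk, so it is not visible whether lookup.err.desc is treated as data there as well. If that branch builds a message from the description, it should pass it as an argument (for example through `"%s"`) rather than as the format, so the defensive rule from this commit holds for every status that dav_lookup_uri() can return.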
  
  
  
