httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From n.@apache.org
Subject cvs commit: httpd-2.0/server config.c
Date Wed, 21 Apr 2004 21:24:28 GMT
nd          2004/04/21 14:24:28

  Modified:    .        CHANGES
               server   config.c
  Log:
  Include directives no longer refuse to process symlinks on
  directories. Instead there's now a maximum nesting level
  of included directories (128 as distributed). This is configurable
  at compile time using the -DAP_MAX_INCLUDE_DIR_DEPTH switch.
  
  PR: 28492
  
  Revision  Changes    Path
  1.1465    +6 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.1464
  retrieving revision 1.1465
  diff -u -u -r1.1464 -r1.1465
  --- CHANGES	20 Apr 2004 20:22:13 -0000	1.1464
  +++ CHANGES	21 Apr 2004 21:24:28 -0000	1.1465
  @@ -2,6 +2,12 @@
   
     [Remove entries to the current 2.0 section below, when backported]
   
  +  *) Include directives no longer refuse to process symlinks on
  +     directories. Instead there's now a maximum nesting level
  +     of included directories (128 as distributed). This is configurable
  +     at compile time using the -DAP_MAX_INCLUDE_DIR_DEPTH switch.
  +     PR 28492.  [André Malo]
  +
     *) Recursive Include directives no longer crash. The server stops
        including configuration files after a certain nesting level (128
        as distributed). This is configurable at compile time using the
  
  
  
  1.175     +20 -6     httpd-2.0/server/config.c
  
  Index: config.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/config.c,v
  retrieving revision 1.174
  retrieving revision 1.175
  diff -u -u -r1.174 -r1.175
  --- config.c	7 Apr 2004 21:43:01 -0000	1.174
  +++ config.c	21 Apr 2004 21:24:28 -0000	1.175
  @@ -180,6 +180,11 @@
   typedef void *(*dir_maker_func)(apr_pool_t *, char *);
   typedef void *(*merger_func)(apr_pool_t *, void *, void *);
   
  +/* maximum nesting level for config directories */
  +#ifndef AP_MAX_INCLUDE_DIR_DEPTH
  +#define AP_MAX_INCLUDE_DIR_DEPTH (128)
  +#endif
  +
   /* Dealing with config vectors.  These are associated with per-directory,
    * per-server, and per-request configuration, and have a void* pointer for
    * each modules.  The nature of the structure pointed to is private to the
  @@ -1421,13 +1426,14 @@
   static void process_resource_config_nofnmatch(server_rec *s, const char *fname,
                                                 ap_directive_t **conftree,
                                                 apr_pool_t *p,
  -                                              apr_pool_t *ptemp)
  +                                              apr_pool_t *ptemp,
  +                                              unsigned depth)
   {
       cmd_parms parms;
       ap_configfile_t *cfp;
       const char *errmsg;
   
  -    if (ap_is_rdirectory(p, fname)) {
  +    if (ap_is_directory(p, fname)) {
           apr_dir_t *dirp;
           apr_finfo_t dirent;
           int current;
  @@ -1436,6 +1442,14 @@
           apr_status_t rv;
           char errmsg[120], *path = apr_pstrdup(p, fname);
   
  +        if (++depth > AP_MAX_INCLUDE_DIR_DEPTH) {
  +            fprintf(stderr, "%s: Directory %s exceeds the maximum include "
  +                    "directory nesting level of %u. You have probably a "
  +                    "recursion somewhere.\n", ap_server_argv0, path,
  +                    AP_MAX_INCLUDE_DIR_DEPTH);
  +            exit(1);
  +        }
  +
           /*
            * first course of business is to grok all the directory
            * entries here and store 'em away. Recall we need full pathnames
  @@ -1471,7 +1485,7 @@
               for (current = 0; current < candidates->nelts; ++current) {
                   fnew = &((fnames *) candidates->elts)[current];
                   process_resource_config_nofnmatch(s, fnew->fname, conftree, p,
  -                                                  ptemp);
  +                                                  ptemp, depth);
               }
           }
   
  @@ -1530,7 +1544,7 @@
       }
   
       if (!apr_fnmatch_test(fname)) {
  -        process_resource_config_nofnmatch(s, fname, conftree, p, ptemp);
  +        process_resource_config_nofnmatch(s, fname, conftree, p, ptemp, 0);
       }
       else {
           apr_dir_t *dirp;
  @@ -1553,7 +1567,7 @@
               exit(1);
           }
   
  -        if (!ap_is_rdirectory(p, path)){ 
  +        if (!ap_is_directory(p, path)){ 
               fprintf(stderr, "%s: Include directory '%s' not found",
                       ap_server_argv0, path);
               exit(1);
  @@ -1602,7 +1616,7 @@
               for (current = 0; current < candidates->nelts; ++current) {
                   fnew = &((fnames *) candidates->elts)[current];
                   process_resource_config_nofnmatch(s, fnew->fname, conftree, p,
  -                                                  ptemp);
  +                                                  ptemp, 0);
               }
           }
       }
  
  
  

Mime
View raw message