httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From traw...@apache.org
Subject cvs commit: httpd-2.0/server util.c
Date Sat, 18 Sep 2004 00:44:00 GMT
trawick     2004/09/17 17:44:00

  Modified:    .        Tag: APACHE_2_0_BRANCH CHANGES STATUS
               server   Tag: APACHE_2_0_BRANCH util.c
  Log:
  Fix the handling of URIs containing %2F when AllowEncodedSlashes
  is enabled.  Previously, such urls would still be rejected with
  404.
  
  (original CHANGES entry tweaked to remove mention of status code;
  404 is what you get with AllowEncodedSlashes Off, but with the
  broken AllowEncodedSlashes On processing you actually got 400)
  
  Submitted by:	trawick, stoddard
  Reviewed by:	clar
  
  Revision  Changes    Path
  No                   revision
  No                   revision
  1.988.2.356 +4 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.988.2.355
  retrieving revision 1.988.2.356
  diff -u -r1.988.2.355 -r1.988.2.356
  --- CHANGES	17 Sep 2004 15:38:09 -0000	1.988.2.355
  +++ CHANGES	18 Sep 2004 00:43:59 -0000	1.988.2.356
  @@ -1,5 +1,9 @@
   Changes with Apache 2.0.52
   
  +  *) Fix the handling of URIs containing %2F when AllowEncodedSlashes
  +     is enabled.  Previously, such urls would still be rejected.
  +     [Jeff Trawick, Bill Stoddard]
  +
     *) mod_mem_cache: Fixed race condition causing segfault because of memory being
        freed twice, or reused after being freed.
        [J. Clar, W. Stoddard, G. Ames]
  
  
  
  1.751.2.1059 +1 -7      httpd-2.0/STATUS
  
  Index: STATUS
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/STATUS,v
  retrieving revision 1.751.2.1058
  retrieving revision 1.751.2.1059
  diff -u -r1.751.2.1058 -r1.751.2.1059
  --- STATUS	17 Sep 2004 15:28:07 -0000	1.751.2.1058
  +++ STATUS	18 Sep 2004 00:43:59 -0000	1.751.2.1059
  @@ -113,12 +113,6 @@
          jorton: ssl_var_lookup() returns "" in place of NULL, that was really
             a deliberate choice... but maybe you're right.
   
  -    *) Fix the handling of URIs containing %2F when AllowEncodedSlashes
  -       is enabled.  Previously, such urls would still be rejected with
  -       404.
  -         server/util.c: r1.148, r1.149
  -       +1: trawick, stoddard, clar
  -
       *) Remove LDAP toolkit specific code from util_ldap and mod_auth_ldap.
            modules/experimental/mod_auth_ldap.c: 1.28
            modules/experimental/util_ldap.c: 1.36
  
  
  
  No                   revision
  No                   revision
  1.133.2.12 +2 -6      httpd-2.0/server/util.c
  
  Index: util.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/util.c,v
  retrieving revision 1.133.2.11
  retrieving revision 1.133.2.12
  diff -u -r1.133.2.11 -r1.133.2.12
  --- util.c	15 Sep 2004 11:50:43 -0000	1.133.2.11
  +++ util.c	18 Sep 2004 00:44:00 -0000	1.133.2.12
  @@ -1628,16 +1628,12 @@
               else {
                   char decoded;
                   decoded = x2c(y + 1);
  -                if (IS_SLASH(decoded)) {
  -                    *x++ = *y++;
  -                    *x = *y;
  +                if (decoded == '\0') {
  +                    badpath = 1;
                   }
                   else {
                       *x = decoded;
                       y += 2;
  -                    if (decoded == '\0') {
  -                        badpath = 1;
  -                    }
                   }
               }
           }
  
  
  

Mime
View raw message