httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rpl...@apache.org
Subject svn commit: r425394 - /httpd/httpd/trunk/server/request.c
Date Tue, 25 Jul 2006 13:40:32 GMT
Author: rpluem
Date: Tue Jul 25 06:40:32 2006
New Revision: 425394

URL: http://svn.apache.org/viewvc?rev=425394&view=rev
Log:
* Although the lstat call should rarely ever fail, because we stat'ed the
  same file several lines above, check the return value to be save that
  nothing bad happens in the case it does fail.

Modified:
    httpd/httpd/trunk/server/request.c

Modified: httpd/httpd/trunk/server/request.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/request.c?rev=425394&r1=425393&r2=425394&view=diff
==============================================================================
--- httpd/httpd/trunk/server/request.c (original)
+++ httpd/httpd/trunk/server/request.c Tue Jul 25 06:40:32 2006
@@ -553,9 +553,22 @@
              * check.
              */
             if (!(opts & OPT_SYM_LINKS)) {
-                apr_stat(&thisinfo, r->filename,
-                         APR_FINFO_MIN | APR_FINFO_NAME | APR_FINFO_LINK,
-                         r->pool);
+                rv = apr_stat(&thisinfo, r->filename,
+                              APR_FINFO_MIN | APR_FINFO_NAME | APR_FINFO_LINK,
+                              r->pool);
+                if (rv != APR_SUCCESS) {
+                    /*
+                     * This should never happen, because we did a stat on the
+                     * same file, resolving a possible symlink several lines
+                     * above. Therefore do not make a detailed analysis of rv
+                     * in this case for the reason of the failure, just bail out
+                     * with a HTTP_FORBIDDEN in case we hit a race condition
+                     * here.
+                     */
+                    ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
+                                  "access to %s failed", r->uri);
+                    return r->status = HTTP_FORBIDDEN;
+                }
                 if (thisinfo.filetype == APR_LNK) {
                     /* Is this a possibly acceptable symlink? */
                     if ((res = resolve_symlink(r->filename, &thisinfo,



Mime
View raw message