httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <ma...@znep.com>
Subject Re: [PATCH] (PR#130) mod_imap infinite loop fix
Date Mon, 10 Feb 1997 17:54:16 GMT
On Mon, 10 Feb 1997, Roy T. Fielding wrote:

> >Actually, 'base' was not intended just to be a URL. It does however
> >only make sense to deal with the directory it references IMO. Marc's
> >fix does follow with the feature's purpose be it right or wrong.
> 
> Wait a minute, now I'm completely confused.  The code says it is
> a base URL, the documentation says it is a base URL, it is currently
> being parsed as a base URL (well, kind of -- it is nowhere close to
> being compliant with RFC 1808), but somehow it is supposed to be a directory?
> 
> We can't have it both ways.  Either it is a URL or a directory, since the
> two have distinctly different meanings without a trailing slash.  Given
> that the code says that it can be set to the map URL, the referer URL,
> or a configured URL, it would seem to me that it isn't a directory.
> 
> The correct fix to the problem reported is to replace the existing, buggy
> imap_url() routine with a proper utility function that performs
> relative -> absolute conversion.  Until then, the existing bug is better
> than assuming that any base URL not ending in a slash is supposed to be a
> directory.

I still do not comprehend how you can have a problem with preventing an
infinite loop.  The current code does not properly implement base URLs,
the fixed code would not do so either so nothing would change except that
there is no longer a chance of an infinite loop. 

Have you looked at the code and tried the example I gave?  Do you
understand that right now the code assumes that any base URL not ending in
a slash is a directory, only it just assumes that without checking to be
sure that is a valid assumption?  Would you be happy if it simply aborted
and said "hey you moron, this module is broken" if it got that?

Are you saying we should redo the parsing code in mod_imap before 1.2?  It
is not acceptable to leave a known bug that causes an infinite loop simply
because a fix to that problem doesn't fix everything else in the module.


Mime
View raw message