httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <ma...@znep.com>
Subject [PATCH] mod_imap and infinite loops
Date Sun, 16 Feb 1997 00:15:30 GMT
Ok, does anyone have any problems with this patch?  It makes the server
abort and give an error and log an error message if it encounters a 
case that currently throws us into an infinite loop.  Note that this
does NOT cause any currently working directives to stop working.

The correct behavior requires far more effort and thought to
backwards compatibility to implement, and I don't think it is worth
spending time on right now.

Index: mod_imap.c
===================================================================
RCS file: /export/home/cvs/apache/src/mod_imap.c,v
retrieving revision 1.17
diff -c -r1.17 mod_imap.c
*** mod_imap.c	1997/01/27 00:16:18	1.17
--- mod_imap.c	1997/02/16 00:14:34
***************
*** 424,429 ****
--- 424,434 ----
  
    strncpy(my_base, base, sizeof(my_base)-1);  /* must be a relative URL to be combined with
base */
    my_base[sizeof(my_base)-1] = '\0';
+   if (strchr(my_base, '/') == NULL && (!strncmp(value, "../", 3) || !strcmp(value,
"..")) ) {
+     url[0] = '\0';
+     log_reason("invalid base directive in map file", r->uri, r);
+     return;
+   }
    string_pos = my_base; 
    while (*string_pos) {  
      if (*string_pos == '/' && *(string_pos+1) == '/') {


Mime
View raw message