httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <>
Date Mon, 05 Jun 2000 16:07:54 GMT
> From: William A. Rowe, Jr. []
> Sent: Sunday, June 04, 2000 10:18 PM
> > From: William A. Rowe, Jr. []
> > Sent: Saturday, June 03, 2000 10:00 PM
> > 
> > Here is a reworking of some additional util_win32.c 
> security testing,
> > but still not what Marc is discussing.  I've been drawn to the fact
> > that relatively obscure device drivers may be installed 
> that are outside
> > the 'standard' exclusions list.  These extra tests are also 
> a performance
> > drain, although they affect only 3-4 character name 
> segments.   Howdy.html
> > isn't impacted, but a tree like /docs/app/rev/ is heavily impacted.
> > 
> > Please review, and comment.
> > 
> > Note that FILE_ATTRIBUTE_NORMAL, or value 0x80, has been a device
> > driver file flag for many, many years.

I've been completely disproved and humiliated :-(  Now my 12 year old
memory of ms-dos is failing me, and I refuse to build a dos partition
to test this.  However, we have a flag under Win95, it's an attribute
value of 0x40 (undocumented, of course.)  And it fails under NT.

Under NT, though, we have a size of 0 and a last modified date of 0
(that translates to the year 1601, I believe.)  Can we agree that this
combination makes a web page not-found (at least for a non-Directory
entry) in the directory?

If so, I need to walk the code path again, and I should have a reliable
patch to contribute tommorow.  If you are on Win32, and would go back
to my previous post to the list, [cl FindFile.c /link kernel32.lib], 
testing a few folders and the driver names, I'd much appreciate some 
confirmation that these two tests should be sufficient.

My own test results are attached.

I have no problem adding this test after the file is opened:

> DWORD GetFileType(HANDLE hFile); 
> Returns
> FILE_TYPE_UNKNOWN  is unknown.  
> FILE_TYPE_DISK  is a disk file. 
> FILE_TYPE_CHAR  is a character file, typically an LPT device 
> or a console. 
> FILE_TYPE_PIPE  is either a named or anonymous pipe. 

I believe we must close and permission-deny any CHAR files that we
discover we've opened.  I have no opinion on UNKNOWN and PIPE.


View raw message