httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cliff Woolley <cliffwool...@yahoo.com>
Subject Re: [PATCH] Fix relative internal file...
Date Thu, 06 Sep 2001 03:34:24 GMT
On Wed, 5 Sep 2001, Justin Erenkrantz wrote:

> $.10 hack.  Works for me.
>
> The other solutions would require a rewrite of the logic.  That
> is something I don't have time to do and I also bet that OtherBill
> has ideas about how to fix this the "right way."  Or not.  =-)
>
> -    if (strncmp(rnew->filename, fdir, fdirlen) == 0
> -           && rnew->filename[fdirlen]
> -           && ap_strchr_c(rnew->filename + fdirlen, '/') == NULL)
> +    if (strncmp(rnew->filename, fdir, fdirlen) == 0 &&
>rnew->filename[fdirlen])

This won't work, I'll bet, for the same reason my hack won't work.  All
you've done is cause the mod_include httpd-test test to pass by getting it
into the "then" instead of the "else", which is the exact same thing my
hack did.  Both will break if you have a relative path that goes UP at
least one directory first, since the strncmp will fail.  You'll get back
into the else case and segfault again.  Rather than working around the
else, which is there for a reason, we need to patch the REST of the code
to be aware of the existance of the else case.  The easiest way to do that
is probably to change the else case to set r->uri NULL instead of to
"INTERNALLY GENERATED fooness" and test r->uri before using it in all
places it's used.

--Cliff

--------------------------------------------------------------
   Cliff Woolley
   cliffwoolley@yahoo.com
   Charlottesville, VA



Mime
View raw message