Return-Path: Delivered-To: apmail-httpd-dev-archive@httpd.apache.org Received: (qmail 64475 invoked by uid 500); 9 Oct 2001 02:19:38 -0000 Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list dev@httpd.apache.org Received: (qmail 64453 invoked from network); 9 Oct 2001 02:19:37 -0000 Message-ID: <030a01c15068$dbd27bf0$93c0b0d0@roweclan.net> From: "William A. Rowe, Jr." To: References: <20011009013348.92479.qmail@icarus.apache.org> Subject: Re: cvs commit: httpd-2.0/server request.c Date: Mon, 8 Oct 2001 21:15:05 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 X-OriginalArrivalTime: 09 Oct 2001 02:19:43.0791 (UTC) FILETIME=[DBD27BF0:01C15068] X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N I understand this from the perspective of file subrequests, which you did not patch; but I'm not so clear on which invalid URIs you are referring to here... would you mind explaining further, or cite an example? Dirent lookups should be generally following the request cycle, so should file lookups, if they are in the same directory as the parent/main request. Bill ----- Original Message ----- From: To: Sent: Monday, October 08, 2001 8:33 PM Subject: cvs commit: httpd-2.0/server request.c > gregames 01/10/08 18:33:48 > > Modified: server request.c > Log: > prevent near infinite subrequest recursion with mod_negotiation enabled. > This can happen if there is a partial match between a bad URI and a > file with a variant extention. > > ap_sub_req_lookup_dirent has apparently been generating bogus subrequest > URIs for ages, but they used to be ignored. Once we started calling > ap_process_request_internal for all subrequests, they started causing > problems. Make it explicit that rnew->uri is to be ignored for this type > of subrequest. > > Revision Changes Path > 1.68 +1 -5 httpd-2.0/server/request.c > > Index: request.c > =================================================================== > RCS file: /home/cvs/httpd-2.0/server/request.c,v > retrieving revision 1.67 > retrieving revision 1.68 > diff -u -r1.67 -r1.68 > --- request.c 2001/10/08 22:07:32 1.67 > +++ request.c 2001/10/09 01:33:48 1.68 > @@ -1345,7 +1345,6 @@ > request_rec *rnew; > int res; > char *fdir; > - char *udir; > > rnew = make_sub_request(r); > fill_in_sub_req_vars(rnew, r, next_filter); > @@ -1363,15 +1362,12 @@ > * not even have to redo access checks. > */ > > - udir = ap_make_dirstr_parent(rnew->pool, r->uri); > - > /* This is 100% safe, since dirent->name just came from the filesystem */ > - rnew->uri = ap_make_full_path(rnew->pool, udir, dirent->name); > rnew->filename = ap_make_full_path(rnew->pool, fdir, dirent->name); > if (r->canonical_filename == r->filename) > rnew->canonical_filename = rnew->filename; > > - ap_parse_uri(rnew, rnew->uri); /* fill in parsed_uri values */ > + rnew->uri = apr_pstrdup(rnew->pool, ""); > > /* Preserve the apr_stat results, and perhaps we also tag that > * symlinks were tested and/or found for r->filename. > > > >