httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Kew <n...@webthing.com>
Subject Re: svn commit: r573831 - in /httpd/httpd/trunk: CHANGES docs/manual/mod/mod_rewrite.xml modules/mappers/mod_rewrite.c
Date Sun, 09 Sep 2007 14:03:34 GMT
On Sun, 09 Sep 2007 11:41:53 +0200
Ruediger Pluem <rpluem@apache.org> wrote:

> 
> 
> On 09/08/2007 02:46 PM, wrote:
> > Author: niq
> > Date: Sat Sep  8 05:46:10 2007
> > New Revision: 573831
> > 
> > URL: http://svn.apache.org/viewvc?rev=573831&view=rev
> > Log:
> > Add option to escape backreferences in RewriteRule.
> > PR 34602  and  PR 39746
> > Patch by Guenther Gsenger

The patch is in bugzilla.  I applied it without modification
because:
  * It fixes both the bugs listed.
  * The code looks good.
I'm sure it could benefit from further refactoring, but I didn't
want to spend more time on this than necessary.

> I am a little bit unsure if this can have security implications in
> some cases.

I'd like to see an example of how it might affect security.

> Does it make sense to duplicate code? Shouldn't this be placed in
> util.c?

Very likely.  But that escalates it from a bugfix to an API change.

> How about using apr_pstrndup instead?

Indeed.

-- 
Nick Kew

Application Development with Apache - the Apache Modules Book
http://www.apachetutor.org/

Mime
View raw message