httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <cove...@gmail.com>
Subject Re: [2.2 PATCH] fix HttpProtocolOptions (etc) merging
Date Fri, 17 Feb 2017 17:38:30 GMT
+1

On Fri, Feb 17, 2017 at 12:37 PM, William A Rowe Jr <wrowe@rowe-clan.net> wrote:
> Great catch; +1 to commit to 2.2.x and
> http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x-merge-http-strict/
> branches.
>
> And thanks for adding the breadcrumb for the next sucker to miss this :-O
>
> On Fri, Feb 17, 2017 at 3:30 AM, Joe Orton <jorton@redhat.com> wrote:
>> Found during QA of the CVE-2016-8743 patch here.  The merging logic in
>> merge_core_server_configs is (confusingly) inverted from 2.2 to 2.4, so
>> e.g. HttpProtocolOptions doesn't inherit from global to vhost configs in
>> 2.2.32. :(
>>
>> Index: server/core.c
>> ===================================================================
>> --- server/core.c       (revision 1783354)
>> +++ server/core.c       (working copy)
>> @@ -546,15 +546,19 @@
>>                             ? virt->merge_trailers
>>                             : base->merge_trailers;
>>
>> -    if (virt->http09_enable != AP_HTTP09_UNSET)
>> -        conf->http09_enable = virt->http09_enable;
>> +    if (conf->http09_enable == AP_HTTP09_UNSET)
>> +        conf->http09_enable = base->http09_enable;
>>
>> -    if (virt->http_conformance != AP_HTTP_CONFORMANCE_UNSET)
>> -        conf->http_conformance = virt->http_conformance;
>> +    if (conf->http_conformance == AP_HTTP_CONFORMANCE_UNSET)
>> +        conf->http_conformance = base->http_conformance;
>>
>> -    if (virt->http_methods != AP_HTTP_METHODS_UNSET)
>> -        conf->http_methods = virt->http_methods;
>> +    if (conf->http_methods == AP_HTTP_METHODS_UNSET)
>> +        conf->http_methods = base->http_methods;
>>
>> +    /* N.B. If you backport things here from 2.4, note that the
>> +     * merging logic needs to be inverted, since conf is initially a
>> +     * copy of vertv not basev. */
>> +
>>      return conf;
>>  }
>>
>>



-- 
Eric Covener
covener@gmail.com

Mime
View raw message