httpd-test-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From grega...@apache.org
Subject cvs commit: httpd-test/specweb99/specweb99-2.0 mod_specweb99.c
Date Mon, 03 Mar 2003 19:20:58 GMT
gregames    2003/03/03 11:20:58

  Modified:    specweb99/specweb99-2.0 mod_specweb99.c
  Log:
  fix seg fault when a POST request is received with no cookie but with
  mod_specweb99's URI.  This request is not from the SPECweb99 client.
  
  In my case, it came from an IBM internal security scan which detected
  I had port 80 open, then tried to do all kinds of nasty stuff to the
  web server.  I'm pleased to report that there were no problems found
  other than this one.
  
  Revision  Changes    Path
  1.26      +15 -3     httpd-test/specweb99/specweb99-2.0/mod_specweb99.c
  
  Index: mod_specweb99.c
  ===================================================================
  RCS file: /home/cvs/httpd-test/specweb99/specweb99-2.0/mod_specweb99.c,v
  retrieving revision 1.25
  retrieving revision 1.26
  diff -u -r1.25 -r1.26
  --- mod_specweb99.c	27 Feb 2003 22:12:35 -0000	1.25
  +++ mod_specweb99.c	3 Mar 2003 19:20:58 -0000	1.26
  @@ -1248,10 +1248,22 @@
           }
           return do_post(r, user_id, cur_time);
       }
  -    if (!strncmp(r->args, "command/", 8)) {
  -        return do_housekeeping(r);
  +    if (r->args) {
  +        if (!strncmp(r->args, "command/", 8)) {
  +                return do_housekeeping(r);
  +        }
  +        return do_standard_get(r);
  +    }
  +    else {
  +        /* no cookie, no args, but it's our URI, uh oh...
  +         * this isn't coming from the SPECweb99 client!
  +         */ 
  +        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
  +                      "probable non-SPECweb99 request received:"
  +                      " %s for URI %s with no cookie and no args", 
  +                      r->method, r->uri);
  +        return DECLINED;
       }
  -    return do_standard_get(r);
   }                                  /* specweb99_quick_handler    */
   
   static void register_hooks(apr_pool_t * p)
  
  
  

Mime
View raw message