www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <ma...@znep.com>
Subject Re: mod_access/1328: Bytes are checked in wrong order for T_IP allowdeny_type, resulting in <Location> not working for IP mask
Date Wed, 29 Oct 1997 04:39:11 GMT
Forget not the other PR from someone else of a similar nature that could
be related... not sure if it is marked as closed or what. 

On 29 Oct 1997, Dean Gaudet wrote:

> The following reply was made to PR mod_access/1328; it has been noted by GNATS.
> 
> From: Dean Gaudet <dgaudet@arctic.org>
> To: Christophe Tronche <ch.tronche@computer.org>
> Cc: apbugs@hyperreal.org
> Subject: Re: mod_access/1328: Bytes are checked in wrong order for T_IP allowdeny_type,
resulting in <Location> not working for IP mask
> Date: Tue, 28 Oct 1997 18:39:50 -0800 (PST)
> 
>  Give this patch a try please. 
>  
>  Dean
>  
>  Index: modules/standard/mod_access.c
>  ===================================================================
>  RCS file: /export/home/cvs/apachen/src/modules/standard/mod_access.c,v
>  retrieving revision 1.27
>  diff -u -r1.27 mod_access.c
>  --- mod_access.c	1997/10/22 20:30:11	1.27
>  +++ mod_access.c	1997/10/29 02:34:44
>  @@ -204,12 +204,14 @@
>   	/* legacy syntax for ip addrs: a.b.c. ==> a.b.c.0/24 for example */
>   	int shift;
>   	char *t;
>  +	int octet;
>   
>   	a->type = T_IP;
>   	/* parse components */
>   	s = where;
>   	a->x.ip.net = 0;
>  -	shift = 0;
>  +	a->x.ip.mask = 0;
>  +	shift = 24;
>   	while (*s) {
>   	    t = s;
>   	    if (!isdigit(*t)) {
>  @@ -226,11 +228,21 @@
>   		a->type = T_FAIL;
>   		return "invalid ip address";
>   	    }
>  -	    a->x.ip.net |= atoi(s) << shift;
>  +	    if (shift < 0) {
>  +		return "invalid ip address, only 4 octets allowed";
>  +	    }
>  +	    octet = atoi(s);
>  +	    if (octet < 0 || octet > 255) {
>  +		a->type = T_FAIL;
>  +		return "each octet must be between 0 and 255 inclusive";
>  +	    }
>  +	    a->x.ip.net |= octet << shift;
>   	    a->x.ip.mask |= 0xFFUL << shift;
>  -	    shift += 8;
>   	    s = t;
>  +	    shift -= 8;
>   	}
>  +	a->x.ip.net = ntohl(a->x.ip.net);
>  +	a->x.ip.mask = ntohl(a->x.ip.mask);
>       }
>       else {
>   	a->type = T_HOST;
>  
> 


Mime
View raw message