www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <...@niss.ac.uk>
Subject Re: mod_speling/5326: mod_speling does not escape URLs
Date Mon, 24 Jan 2000 15:30:00 GMT
The following reply was made to PR mod_speling/5326; it has been noted by GNATS.

From: <nic@niss.ac.uk>
To: nic@niss.ac.uk
Cc: apbugs@apache.org
Subject: Re: mod_speling/5326: mod_speling does not escape URLs
Date: Mon, 24 Jan 2000 15:28:22 +0000 (GMT)

 Hi,
 
 It looks like you've read my bug report and tried to fix the problem
 in the correct manner (rather than my kludgy way) in 1.3.11.
 
 However, you've only fixed it for the single choice case (line 411
 mod_speling.c).
 
 In the multiple choice case (line 471) you're still using ap_strcat
 and not escaping the URL.
 
 Here's an untested patch (for 1.3.11) based on your code for the
 single choice case:
 
 Cheers,
 nic
 
 bash$ diff -u  mod_speling.c mod_speling.c.orig 
 --- mod_speling.c	Mon Jan 24 15:18:39 2000
 +++ mod_speling.c.orig	Mon Jan 24 14:24:27 2000
 @@ -468,13 +468,11 @@
  
  		reason = sp_reason_str[(int) (variant[i].quality)];
                  /* The format isn't very neat... */
 -		vuri = ap_escape_uri(sub_pool, ap_pstrcat(sub_pool, url,
 -							  variant[i].name,
 -							  r->path_info, NULL));
 -		if (r->parsed_uri.query)
 -		    vuri = ap_pstrcat(r->pool, vuri, "?", r->parsed_uri.query, NULL);
 -
 -
 +		vuri = ap_pstrcat(sub_pool, url, variant[i].name, r->path_info,
 +				  (r->parsed_uri.query != NULL) ? "?" : "",
 +				  (r->parsed_uri.query != NULL)
 +				      ? r->parsed_uri.query : "",
 +				  NULL);
  		*(const char **)ap_push_array(v) = "\"";
  		*(const char **)ap_push_array(v) = vuri;
  		*(const char **)ap_push_array(v) = "\";\"";

Mime
View raw message