You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Rob Hartill <ro...@imdb.com> on 1996/09/20 12:25:15 UTC
Possible Bug/Hole in Apache 1.1.1? (fwd)

Not acked


----- Forwarded message from Alex Mottram -----

Message-Id: <19...@dns1.net-connect.net>
From: Alex Mottram <al...@dns1.net-connect.net>
To: apache-bugs@mail.apache.org
MMDF-Warning:  Parse error in original version of preceding line at US1.IMDb.Com
Subject: Possible Bug/Hole in Apache 1.1.1?
Date: Thu, 19 Sep 1996 21:19:02 -0500
X-MSMail-Priority: Normal
X-Priority: 3
X-Mailer: Microsoft Internet Mail 4.70.1155
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

Please consider the following c++ code, compiled as a cgi program.  :
(this is not intended to be an actual cgi, just something to find the
problem with
the parsing of the cgi query string).  

-- cut here --
#include <iostream.h>
extern char **environ;
int main( int argc, char *argv[] )
{
        int Fig;

        cout << "Content-Type: text/html" << endl << endl;
        cout << "<HTML><HEAD><TITLE>Test CGI</TITLE></HEAD><BODY>" << endl;

        for ( Fig = 1 ; Fig < argc ; Fig++ )
        {
                cout << argv[ Fig ] << "<P>" << endl;
        }

        cout << "<BR><HR>" << endl;

        Fig = 0;

        while ( environ[ Fig ] != NULL )
        {
                cout << environ[ Fig++ ] << "<P>" << endl;   
  }

        cout << "</BODY></HTML>" << endl;
}            
-- cut here --

produces the following output when accessed as:

"http://www.net-connect.net/cgi-test/bcgi?5 HTTP/3.06 7 8 9 0"

-- begin output --

5

HTTP_CONNECTION=Keep-Alive
HTTP_USER_AGENT=Mozilla/3.0b7Gold (Win95; I)
HTTP_HOST=www.net-connect.net
HTTP_ACCEPT=image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
PATH=/bin:/usr/bin:
SERVER_SOFTWARE=Apache/1.1.1
SERVER_NAME=www.net-connect.net
SERVER_PORT=80
REMOTE_HOST=as61.net-connect.net
REMOTE_ADDR=204.181.38.161
DOCUMENT_ROOT=/usr/local/etc/httpd/htdocs
SERVER_ADMIN=webmaster@net-connect.net
SCRIPT_FILENAME=/home/alex/cgi-bin/bcgi
GATEWAY_INTERFACE=CGI/1.1
SERVER_PROTOCOL=HTTP/3.06 7 8 9 0 HTTP/1.0 **** NOTICE ****
			^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
REQUEST_METHOD=GET
QUERY_STRING=5
SCRIPT_NAME=/cgi-test/bcgi


Thanks for your time!

Alex Mottram

----- End of forwarded message from Alex Mottram -----

-- 
Rob Hartill (robh@imdb.com)    
http://www.imdb.com/  ... why wait for a clear night to see the stars?.