You are viewing a plain text version of this content. The canonical link for it is here.

Posted to test-cvs@httpd.apache.org by ja...@apache.org on 2002/09/06 11:35:56 UTC

cvs commit: httpd-test/flood flood_round_robin.c

jacekp      2002/09/06 02:35:56

  Modified:    flood    flood_round_robin.c
  Log:
  Catch every possible flaw in URL.
  
  Revision  Changes    Path
  1.27      +13 -0     httpd-test/flood/flood_round_robin.c
  
  Index: flood_round_robin.c
  ===================================================================
  RCS file: /home/cvs/httpd-test/flood/flood_round_robin.c,v
  retrieving revision 1.26
  retrieving revision 1.27
  diff -u -r1.26 -r1.27
  --- flood_round_robin.c	1 Aug 2002 22:25:35 -0000	1.26
  +++ flood_round_robin.c	6 Sep 2002 09:35:55 -0000	1.27
  @@ -792,6 +792,19 @@
           apr_file_printf (local_stderr, "Misformed URL '%s'\n", r->uri);
           exit (APR_EGENERAL);
       }                                                                          
  +    if (r->parsed_uri->hostname[0] == '\0') {
  +        apr_file_printf (local_stderr, "Misformed URL '%s' -- can't find valid hostname.\n", r->uri);
  +        exit (APR_EGENERAL);
  +    }
  +    /* this schouldn't be hardcoded, but... :) */
  +    if (apr_strnatcmp (r->parsed_uri->scheme, "http") != APR_SUCCESS && apr_strnatcmp (r->parsed_uri->scheme, "https") != APR_SUCCESS) {
  +        apr_file_printf (local_stderr, "Wrong URL scheme '%s' -- only 'http' and 'https' schemes are supported.\n", r->parsed_uri->scheme);
  +        exit (APR_EGENERAL);
  +    }
  +    if (r->parsed_uri->user != NULL || r->parsed_uri->password != NULL) {
  +        apr_file_printf (local_stderr, "Misformed URL -- auth data schould be outside URL -- please see docs.\n");
  +        exit (APR_EGENERAL);
  +    }
       if (!r->parsed_uri->port)
       {
           r->parsed_uri->port =

Re: cvs commit: httpd-test/flood flood_round_robin.c

Posted by Justin Erenkrantz <je...@apache.org>.

On Fri, Sep 06, 2002 at 09:35:56AM -0000, jacekp@apache.org wrote:
>   +    if (r->parsed_uri->hostname[0] == '\0') {
>   +        apr_file_printf (local_stderr, "Misformed URL '%s' -- can't find valid hostname.\n", r->uri);
>   +        exit (APR_EGENERAL);
>   +    }

Watch out for long lines (per previous email) and there are no spaces
between a function name and its arguments: "apr_file_printf (" vs.
"apr_file_printf(".  -- justin