You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by yl...@apache.org on 2015/07/01 16:37:00 UTC
svn commit: r1688660 - in /httpd/httpd/trunk: CHANGES
docs/log-message-tags/next-number modules/aaa/mod_authz_dbd.c
Author: ylavic
Date: Wed Jul 1 14:37:00 2015
New Revision: 1688660
URL: http://svn.apache.org/r1688660
Log:
mod_authz_dbd: Avoid a crash when lacking correct DB access permissions. PR 57868.
Submitted by: Jose Kahan <jose w3.org>
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/docs/log-message-tags/next-number
httpd/httpd/trunk/modules/aaa/mod_authz_dbd.c
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1688660&r1=1688659&r2=1688660&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Wed Jul 1 14:37:00 2015
@@ -1,6 +1,9 @@
-*- coding: utf-8 -*-
Changes with Apache 2.5.0
+ *) mod_authz_dbd: Avoid a crash when lacking correct DB access permissions.
+ PR 57868. [Jose Kahan <jose w3.org>, Yann Ylavic]
+
*) http: Fix LimitRequestBody checks when there is no more bytes to read.
[Michael Kaufmann <mail michael-kaufmann.ch>]
Modified: httpd/httpd/trunk/docs/log-message-tags/next-number
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/log-message-tags/next-number?rev=1688660&r1=1688659&r2=1688660&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/log-message-tags/next-number (original)
+++ httpd/httpd/trunk/docs/log-message-tags/next-number Wed Jul 1 14:37:00 2015
@@ -1 +1 @@
-2902
+2904
Modified: httpd/httpd/trunk/modules/aaa/mod_authz_dbd.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/mod_authz_dbd.c?rev=1688660&r1=1688659&r2=1688660&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/aaa/mod_authz_dbd.c (original)
+++ httpd/httpd/trunk/modules/aaa/mod_authz_dbd.c Wed Jul 1 14:37:00 2015
@@ -126,6 +126,13 @@ static int authz_dbd_login(request_rec *
"No query configured for %s!", action);
return HTTP_INTERNAL_SERVER_ERROR;
}
+ if (dbd == NULL) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02902)
+ "No db handle available for %s! "
+ "Check your database access",
+ action);
+ return HTTP_INTERNAL_SERVER_ERROR;
+ }
query = apr_hash_get(dbd->prepared, cfg->query, APR_HASH_KEY_STRING);
if (query == NULL) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01643)
@@ -212,6 +219,12 @@ static int authz_dbd_group_query(request
"No query configured for dbd-group!");
return HTTP_INTERNAL_SERVER_ERROR;
}
+ if (dbd == NULL) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02903)
+ "No db handle available for dbd-query! "
+ "Check your database access");
+ return HTTP_INTERNAL_SERVER_ERROR;
+ }
query = apr_hash_get(dbd->prepared, cfg->query, APR_HASH_KEY_STRING);
if (query == NULL) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01650)