You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by wr...@apache.org on 2002/03/21 06:55:38 UTC
cvs commit: apache-1.3/src/main http_core.c util_script.c
wrowe 02/03/20 21:55:38
Modified: src/include http_core.h
src/main http_core.c util_script.c
Log:
Add the 'CgiCommandArgs off' directive, to allow paranoid admins
to disable the query argument passing mechanism in Apache.
[Aaron Bannert]
Revision Changes Path
1.68 +12 -0 apache-1.3/src/include/http_core.h
Index: http_core.h
===================================================================
RCS file: /home/cvs/apache-1.3/src/include/http_core.h,v
retrieving revision 1.67
retrieving revision 1.68
diff -u -r1.67 -r1.68
--- http_core.h 13 Mar 2002 21:05:29 -0000 1.67
+++ http_core.h 21 Mar 2002 05:55:37 -0000 1.68
@@ -196,6 +196,12 @@
#define ETAG_BACKWARD (ETAG_MTIME | ETAG_INODE | ETAG_SIZE)
#define ETAG_ALL (ETAG_MTIME | ETAG_INODE | ETAG_SIZE)
+typedef enum {
+ AP_FLAG_UNSET = 0,
+ AP_FLAG_ON = 1,
+ AP_FLAG_OFF = 2
+} ap_flag_e;
+
typedef struct {
/* path of the directory/regex/etc. see also d_is_fnmatch below */
char *d;
@@ -330,6 +336,12 @@
etag_components_t etag_bits;
etag_components_t etag_add;
etag_components_t etag_remove;
+
+ /*
+ * Do we allow ISINDEX CGI scripts to pass their query argument as
+ * direct command line parameters or argv elements?
+ */
+ ap_flag_e cgi_command_args;
} core_dir_config;
1.306 +14 -0 apache-1.3/src/main/http_core.c
Index: http_core.c
===================================================================
RCS file: /home/cvs/apache-1.3/src/main/http_core.c,v
retrieving revision 1.305
retrieving revision 1.306
diff -u -r1.305 -r1.306
--- http_core.c 13 Mar 2002 21:05:30 -0000 1.305
+++ http_core.c 21 Mar 2002 05:55:37 -0000 1.306
@@ -346,6 +346,10 @@
conf->etag_bits &= (~ ETAG_NONE);
}
+ if (new->cgi_command_args != AP_FLAG_UNSET) {
+ conf->cgi_command_args = new->cgi_command_args;
+ }
+
return (void*)conf;
}
@@ -2908,6 +2912,14 @@
}
#endif
+static const char *set_cgi_command_args(cmd_parms *cmd,
+ void *mconfig,
+ int arg)
+{
+ core_dir_config *cfg = (core_dir_config *)mconfig;
+ cfg->cgi_command_args = arg ? AP_FLAG_ON : AP_FLAG_OFF;
+ return NULL;
+}
#ifdef CHARSET_EBCDIC
@@ -3385,6 +3397,8 @@
{ "ScriptInterpreterSource", set_interpreter_source, NULL, OR_FILEINFO, TAKE1,
"Where to find interpreter to run Win32 scripts - Registry or Script (shebang line)" },
#endif
+{ "CGICommandArgs", set_cgi_command_args, NULL, OR_OPTIONS, FLAG,
+ "Allow or Disallow CGI requests to pass args on the command line" },
{ "ServerTokens", set_serv_tokens, NULL, RSRC_CONF, TAKE1,
"Tokens displayed in the Server: header - Min[imal], OS, Prod[uctOnly], Full" },
{ "LimitRequestLine", set_limit_req_line, NULL, RSRC_CONF, TAKE1,
1.161 +13 -9 apache-1.3/src/main/util_script.c
Index: util_script.c
===================================================================
RCS file: /home/cvs/apache-1.3/src/main/util_script.c,v
retrieving revision 1.160
retrieving revision 1.161
diff -u -r1.160 -r1.161
--- util_script.c 13 Mar 2002 21:05:31 -0000 1.160
+++ util_script.c 21 Mar 2002 05:55:37 -0000 1.161
@@ -769,15 +769,10 @@
char **env, int shellcmd)
{
int pid = 0;
-#if defined(RLIMIT_CPU) || defined(RLIMIT_NPROC) || \
- defined(RLIMIT_DATA) || defined(RLIMIT_VMEM) || defined (RLIMIT_AS)
-
core_dir_config *conf;
conf = (core_dir_config *) ap_get_module_config(r->per_dir_config,
&core_module);
-#endif
-
#if !defined(WIN32) && !defined(OS2)
/* the fd on r->server->error_log is closed, but we need somewhere to
* put the error messages from the log_* functions. So, we use stderr,
@@ -844,8 +839,11 @@
int env_len, e;
char *env_block, *env_block_pos;
- if (r->args && r->args[0] && !strchr(r->args, '='))
+ if ((conf->cgi_command_args != AP_FLAG_OFF)
+ && r->args && r->args[0]
+ && !strchr(r->args, '=')) {
args = r->args;
+ }
program = fopen(r->filename, "rt");
@@ -1023,7 +1021,9 @@
* Look at the arguments...
*/
arguments = "";
- if ((r->args) && (r->args[0]) && !strchr(r->args, '=')) {
+ if ((conf->cgi_command_args != AP_FLAG_OFF)
+ && (r->args) && (r->args[0])
+ && !strchr(r->args, '=')) {
/* If we are in this leg, there are some other arguments
* that we must include in the execution of the CGI.
* Because CreateProcess is the way it is, we have to
@@ -1242,7 +1242,9 @@
NULL, env);
}
- else if ((!r->args) || (!r->args[0]) || strchr(r->args, '=')) {
+ else if ((conf->cgi_command_args == AP_FLAG_OFF)
+ || (!r->args) || (!r->args[0])
+ || strchr(r->args, '=')) {
execle(SUEXEC_BIN, SUEXEC_BIN, execuser, grpname, argv0,
NULL, env);
}
@@ -1259,7 +1261,9 @@
execle(SHELL_PATH, SHELL_PATH, "-c", argv0, NULL, env);
}
- else if ((!r->args) || (!r->args[0]) || strchr(r->args, '=')) {
+ else if ((conf->cgi_command_args == AP_FLAG_OFF)
+ || (!r->args) || (!r->args[0])
+ || strchr(r->args, '=')) {
execle(r->filename, argv0, NULL, env);
}