You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2022/06/21 15:36:31 UTC
[Bug 66133] New: uri and parsed_uri not truncated for multiple slashes
https://bz.apache.org/bugzilla/show_bug.cgi?id=66133
Bug ID: 66133
Summary: uri and parsed_uri not truncated for multiple slashes
Product: Apache httpd-2
Version: 2.4.52
Hardware: PC
Status: NEW
Severity: normal
Priority: P2
Component: mod_request
Assignee: bugs@httpd.apache.org
Reporter: akashzambre@ymail.com
Target Milestone: ---
Working on upgrade to 2.4.52 version. And have a test in which url has multiple
slashes that needs to be truncated.
Looking at this change -
https://github.com/apache/httpd/commit/6b3b91a616b4848ee134ef902c785a7b2c0dd453
Before this, ap_no2slash(r->uri) was called. And now it is not which is causing
our tests to fail. We see that although parsed_uri.path is truncated, r->uri is
not, which eventually leads to failure.
Why this change in behavior for these 2 variables?
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 66133] uri and parsed_uri not truncated for multiple slashes
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66133
Yann Ylavic <yl...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
OS| |All
--- Comment #1 from Yann Ylavic <yl...@gmail.com> ---
ap_no2slash() has been replaced by ap_normalize_path(), and a later change
(https://github.com/apache/httpd/commit/aaf7e3eb4f21d3aec19381491470a5168a05904a,
after the commit you mention) handled slash merging ealier (both change made it
to 2.4 at the same time).
What is your test precisely? Because usually r->uri and r->parsed_uri.path are
pointing to the same string at this point, so changing r->parsed_uri.path in
place should also change the value pointed to by r->uri.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 66133] uri and parsed_uri not truncated for multiple slashes
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66133
--- Comment #2 from Akash <ak...@ymail.com> ---
Ya I see that these 2 are pointing to same memory location now, but it was not
like that before.
So the test made duplicates of this and separated out memory location for these
2. As a result, uri and parsed_uri are not same and therefore leads to an issue
on our end.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 66133] uri and parsed_uri not truncated for multiple slashes
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=66133
--- Comment #3 from Yann Ylavic <yl...@gmail.com> ---
Well, the old code pretty much assumed that r->uri == r->parsed_uri.path since
it called ap_unescape_url() on r->parsed_uri.path but ap_getparents() (or
ap_no2slash()) on r->uri.
There are all meant to work on the same location, so the new code is using
r->parsed_uri.path consistently.
Actually ap_process_request_internal() is supposed to be called after
ap_parse_uri(), which sets both pointers to the same value.
I don't know what your test is doing, but if it had tested for %-decoding from
ap_process_request_internal() on r->uri (with r->uri != r->parsed_uri.path), it
would have failed long ago since ap_unescape_url() is called on
r->parsed_uri.path only..
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org