You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by Dave Beckett <D....@ukc.ac.uk> on 1998/03/25 15:47:30 UTC

mod_rewrite/1993: mod_rewrite does not expand %{VARIABLE} inside RewriteCond and RewriteRule

>Number:         1993
>Category:       mod_rewrite
>Synopsis:       mod_rewrite does not expand %{VARIABLE} inside RewriteCond and RewriteRule
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Wed Mar 25 06:50:00 PST 1998
>Last-Modified:
>Originator:     D.J.Beckett@ukc.ac.uk
>Organization:
apache
>Release:        1.3b5
>Environment:
SunOS 4.1.3 sun4c, gcc 2.7.0
>Description:
Any use in RewriteCond or RewriteRule of %{VARIABLE} to expand
a variable does not work - the %{VARIABLE} part is skipped.  In
fact if any %{VARIABLE} is present, the output is truncated at
that point.
>How-To-Repeat:
Try this:
RewriteLog /tmp/rw.log
RewriteLogLevel 9
RewriteRule /anything /blah/%{SERVER_NAME}/more

then try fetching /anything, the rewritten URL will be /blah/ and hence
not found, with a sequence something like this in the rewrite log:

(2) init rewrite engine with requested uri /anything
(3) applying pattern '/anything' to uri '/anything'
(2) rewrite /anything -> /blah/
(2) local path result: /blah/
(2) prefixed with document_root to /usr/local/www/docs/blah/
(1) go-ahead with /usr/local/www/docs/blah/ [OK]


Note: the bug isn't really mod_rewrite but there I didn't see a
category for the 'ap' library in the bugs database WWW form.
>Fix:
The problem is caused by ap_cpystrn copying an extra \0 when
the source string is \0 terminated. 

It is compounded by returning the address of the extra \0 rather than
the first one.  The only place in the source code that uses this is in
mod_rewrite even though the extra copying happens every time ap_cpystrn
is used.

The fix is a patch something like this to ap/ap_cpystrn.c
and this works for me.

*** ap_cpystrn.c	Wed Jan  7 16:45:55 1998
--- ap_cpystrn.c.new	Wed Mar 25 14:25:31 1998
***************
*** 80,86 ****
      while ((d < end) && (*d++ = *src++))
          ;	/* nop, the while does it all */
  
!     *d = '\0';	/* always null terminate */
  
!     return (d);
  }
--- 80,89 ----
      while ((d < end) && (*d++ = *src++))
          ;	/* nop, the while does it all */
  
!     if (d == end) {
!       *d = '\0';	/* always null terminate */
!       return (d);
!     }
  
!     return d-1;		/* except when original copy did the null already */
  }
%0
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <ap...@Apache.Org> in the Cc line ]
[and leave the subject line UNCHANGED.  This is not done]
[automatically because of the potential for mail loops. ]