You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by David Johle <we...@drcheap.com> on 2000/02/21 19:46:02 UTC

mod_autoindex/5792: Filenames >= 25 characters cause garbage on directory listing

>Number:         5792
>Category:       mod_autoindex
>Synopsis:       Filenames >= 25 characters cause garbage on directory listing
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Mon Feb 21 10:50:03 PST 2000
>Closed-Date:
>Last-Modified:
>Originator:     webmaster@drcheap.com
>Release:        1.3.6
>Organization:
apache
>Environment:
Slackware Linux, 2.0.34 kernel
gcc version egcs-2.90.29 980515 (egcs-1.0.3 release)
>Description:
When a directory has no index file and a listing of files is returned to the client, garbage may occur.
This only happens when there are filenames of length 25 or greater.
When the garbage is returned, it is immediately following the >= 25 character filename.
After the garbage, the directory listing continues.
If another filename of >= 25 characters is encountered, more garbage shows up.
This happens most of the time, however sometimes the listing is clean.

Also, the "garbage" is not just random data, but data that should be going to other clients who are accessing other web sites hosted on the same server.\
Sometimes the data is nice chunks of a HTML file, other times it's binary spew of an image.

This could be a security risk as well if some sensitive data were presented in the "garbage" listing.

The server performance is not affected by this, file contents are not modified or mangled, only directory listing output is a mess.
>How-To-Repeat:
Create a test directory.
Create several files (content is irrelevant) with filenames of various lengths, making sure some are 23, 24, 25, and 26 characters long.
View the directory via web browser, reload as necessary to see none/various garbage.

Example URL:  http://www.drcheap.com/test
>Fix:
I have NO clue...this could be anything from filesystem related stuff to shared memory space problems or something else completely.
>Release-Note:
>Audit-Trail:
>Unformatted:
 [In order for any reply to be added to the PR database, you need]
 [to include <ap...@Apache.Org> in the Cc line and make sure the]
 [subject line starts with the report component and number, with ]
 [or without any 'Re:' prefixes (such as "general/1098:" or      ]
 ["Re: general/1098:").  If the subject doesn't match this       ]
 [pattern, your message will be misfiled and ignored.  The       ]
 ["apbugs" address is not added to the Cc line of messages from  ]
 [the database automatically because of the potential for mail   ]
 [loops.  If you do not include this Cc, your reply may be ig-   ]
 [nored unless you are responding to an explicit request from a  ]
 [developer.  Reply only with text; DO NOT SEND ATTACHMENTS!     ]