You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by jo...@apache.org on 2012/07/24 14:54:39 UTC
svn commit: r1365020 - in /httpd/httpd/trunk: CHANGES
modules/proxy/proxy_util.c
Author: jorton
Date: Tue Jul 24 12:54:38 2012
New Revision: 1365020
URL: http://svn.apache.org/viewvc?rev=1365020&view=rev
Log:
* modules/proxy/proxy_util.c (ap_proxy_checkproxyblock): Fix memory
leak/thread-unsafe use of pconf.
Submitted by: rpluem, jorton
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/modules/proxy/proxy_util.c
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1365020&r1=1365019&r2=1365020&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Tue Jul 24 12:54:38 2012
@@ -1,6 +1,9 @@
-*- coding: utf-8 -*-
Changes with Apache 2.5.0
+ *) mod_proxy: Fix memory leak or possible corruption in ProxyBlock
+ implementation. [Ruediger Pluem, Joe Orton]
+
*) mod_proxy: Check hostname from request URI against ProxyBlock list,
not forward proxy, if ProxyRemote* is configured. [Joe Orton]
Modified: httpd/httpd/trunk/modules/proxy/proxy_util.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/proxy_util.c?rev=1365020&r1=1365019&r2=1365020&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/proxy/proxy_util.c (original)
+++ httpd/httpd/trunk/modules/proxy/proxy_util.c Tue Jul 24 12:54:38 2012
@@ -759,6 +759,8 @@ static int proxy_match_word(struct dirco
return host != NULL && ap_strstr_c(host, This->name) != NULL;
}
+#define MAX_IP_STR_LEN (46)
+
PROXY_DECLARE(int) ap_proxy_checkproxyblock(request_rec *r, proxy_server_conf *conf,
const char *hostname, apr_sockaddr_t *addr)
{
@@ -788,19 +790,19 @@ PROXY_DECLARE(int) ap_proxy_checkproxybl
while (conf_addr) {
apr_sockaddr_t *uri_addr = addr;
+ char caddr[MAX_IP_STR_LEN], uaddr[MAX_IP_STR_LEN];
+
+ apr_sockaddr_ip_getbuf(caddr, sizeof caddr, conf_addr);
while (uri_addr) {
- char *conf_ip;
- char *uri_ip;
- apr_sockaddr_ip_get(&conf_ip, conf_addr);
- apr_sockaddr_ip_get(&uri_ip, uri_addr);
+ apr_sockaddr_ip_getbuf(uaddr, sizeof uaddr, uri_addr);
ap_log_rerror(APLOG_MARK, APLOG_TRACE2, 0, r,
- "ProxyBlock comparing %s and %s", conf_ip,
- uri_ip);
- if (!apr_strnatcasecmp(conf_ip, uri_ip)) {
+ "ProxyBlock comparing %s and %s", caddr,
+ uaddr);
+ if (!strcmp(caddr, uaddr)) {
ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(00917)
"connect to remote machine %s blocked: "
- "IP %s matched", hostname, conf_ip);
+ "IP %s matched", hostname, caddr);
return HTTP_FORBIDDEN;
}
uri_addr = uri_addr->next;