You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by sf...@apache.org on 2009/10/23 21:27:41 UTC
svn commit: r829185 - in /httpd/httpd/trunk: CHANGES
modules/cache/mod_socache_shmcb.c
Author: sf
Date: Fri Oct 23 19:27:32 2009
New Revision: 829185
URL: http://svn.apache.org/viewvc?rev=829185&view=rev
Log:
Only parse cache size in parens at the end of the string. Fixes SSLSessionCache
directive mis-parsing parens in pathname.
PR: 47945
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/modules/cache/mod_socache_shmcb.c
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=829185&r1=829184&r2=829185&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Fri Oct 23 19:27:32 2009
@@ -10,6 +10,10 @@
mod_proxy_ftp: NULL pointer dereference on error paths.
[Stefan Fritsch <sf fritsch.de>, Joe Orton]
+ *) mod_socache_shmcb: Only parse cache size in parens at the end of the
+ string. Fixes SSLSessionCache directive mis-parsing parens in pathname.
+ PR 47945. [Stefan Fritsch]
+
*) htpasswd: Improve out of disk space handling. PR 30877. [Stefan Fritsch]
*) htpasswd: Use MD5 hash by default on all platforms. [Stefan Fritsch]
Modified: httpd/httpd/trunk/modules/cache/mod_socache_shmcb.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/cache/mod_socache_shmcb.c?rev=829185&r1=829184&r2=829185&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/cache/mod_socache_shmcb.c (original)
+++ httpd/httpd/trunk/modules/cache/mod_socache_shmcb.c Fri Oct 23 19:27:32 2009
@@ -278,15 +278,11 @@
ctx->data_file = path = ap_server_root_relative(p, arg);
- cp = strchr(path, '(');
- if (cp) {
+ cp = strrchr(path, '(');
+ cp2 = path + strlen(path) - 1;
+ if (cp && (*cp2 == ')')) {
*cp++ = '\0';
-
- if (!(cp2 = strchr(cp, ')'))) {
- return "Invalid argument: no closing parenthesis";
- }
-
- *cp2 = '\0';
+ *cp2 = '\0';
ctx->shm_size = atoi(cp);
Re: svn commit: r829185 - in /httpd/httpd/trunk: CHANGES modules/cache/mod_socache_shmcb.c
Posted by Stefan Fritsch <sf...@sfritsch.de>.
On Friday 23 October 2009, Ruediger Pluem wrote:
> > - cp = strchr(path, '(');
> > - if (cp) {
> > + cp = strrchr(path, '(');
> > + cp2 = path + strlen(path) - 1;
> > + if (cp && (*cp2 == ')')) {
> > *cp++ = '\0';
> > -
> > - if (!(cp2 = strchr(cp, ')'))) {
> > - return "Invalid argument: no closing parenthesis";
> > - }
>
> No error message any longer for missing parenthesis?
> I doubt that filenames like /somewhere/somefile(something are
> intended.
>
The question is if such filenames should be allowed. But I guess it's
enought to allow them in case the cache size is given, too. Fixed in
r829362
Re: svn commit: r829185 - in /httpd/httpd/trunk: CHANGES modules/cache/mod_socache_shmcb.c
Posted by Ruediger Pluem <rp...@apache.org>.
On 10/23/2009 09:27 PM, sf@apache.org wrote:
> Author: sf
> Date: Fri Oct 23 19:27:32 2009
> New Revision: 829185
>
> URL: http://svn.apache.org/viewvc?rev=829185&view=rev
> Log:
> Only parse cache size in parens at the end of the string. Fixes SSLSessionCache
> directive mis-parsing parens in pathname.
>
> PR: 47945
>
> Modified:
> httpd/httpd/trunk/CHANGES
> httpd/httpd/trunk/modules/cache/mod_socache_shmcb.c
>
> Modified: httpd/httpd/trunk/CHANGES
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=829185&r1=829184&r2=829185&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/CHANGES [utf-8] (original)
> +++ httpd/httpd/trunk/CHANGES [utf-8] Fri Oct 23 19:27:32 2009
> @@ -10,6 +10,10 @@
> mod_proxy_ftp: NULL pointer dereference on error paths.
> [Stefan Fritsch <sf fritsch.de>, Joe Orton]
>
> + *) mod_socache_shmcb: Only parse cache size in parens at the end of the
> + string. Fixes SSLSessionCache directive mis-parsing parens in pathname.
> + PR 47945. [Stefan Fritsch]
> +
> *) htpasswd: Improve out of disk space handling. PR 30877. [Stefan Fritsch]
>
> *) htpasswd: Use MD5 hash by default on all platforms. [Stefan Fritsch]
>
> Modified: httpd/httpd/trunk/modules/cache/mod_socache_shmcb.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/cache/mod_socache_shmcb.c?rev=829185&r1=829184&r2=829185&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/modules/cache/mod_socache_shmcb.c (original)
> +++ httpd/httpd/trunk/modules/cache/mod_socache_shmcb.c Fri Oct 23 19:27:32 2009
> @@ -278,15 +278,11 @@
>
> ctx->data_file = path = ap_server_root_relative(p, arg);
>
> - cp = strchr(path, '(');
> - if (cp) {
> + cp = strrchr(path, '(');
> + cp2 = path + strlen(path) - 1;
> + if (cp && (*cp2 == ')')) {
> *cp++ = '\0';
> -
> - if (!(cp2 = strchr(cp, ')'))) {
> - return "Invalid argument: no closing parenthesis";
> - }
No error message any longer for missing parenthesis?
I doubt that filenames like /somewhere/somefile(something are intended.
> -
> - *cp2 = '\0';
> + *cp2 = '\0';
>
> ctx->shm_size = atoi(cp);
>
Regards
RĂ¼diger