You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by Philipp Rotmann <we...@link-m.de> on 2000/11/24 14:03:31 UTC

apache-api/6885: PATH_TRANSLATED generation produces garbage in error_log

>Number:         6885
>Category:       apache-api
>Synopsis:       PATH_TRANSLATED generation produces garbage in error_log
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Fri Nov 24 05:10:02 PST 2000
>Closed-Date:
>Last-Modified:
>Originator:     webmaster@link-m.de
>Release:        1.3.9 and above
>Organization:
apache
>Environment:
Linux 2.2.17 #1 Mit Nov 15 13:38:42 CET 2000 i586 unknown w/ apache 1.3.9 compiled by gcc; in newer apache releases' CHANGES files I couldn't find anything related to the bug as described below, so I haven't upgraded first.
>Description:
When apache encounters an URI such as /cgi-bin/myscript.cgi/path/to/template.html it issues a subrequest to itself in order to get PATH_TRANSLATED. In combination with access restrictions on the file "/path/to/template.html" (e.g. a FilesMatch block anywhere in the server configuration), this behaviour leads to lots of unwanted error_log messages, as every access to the script is logged as a failed access to the raw template file.

The affected code seems to be in main/util_script.c:

    if (r->path_info && r->path_info[0]) {
        /*
         * To get PATH_TRANSLATED, treat PATH_INFO as a URI path.
         * Need to re-escape it for this, since the entire URI was
         * un-escaped before we determined where the PATH_INFO began.
         */
        request_rec *pa_req;

        pa_req = ap_sub_req_lookup_uri(ap_escape_uri(r->pool, r->path_info), r);
>How-To-Repeat:
Just set up a file inside your DocumentRoot, impose access restrictions on it (<Files test.html>\norder allow, deny\ndeny from all\n</Files>) and then access it via any cgi script that doesn't even need to use the file in any way (of course), with a request like http://my.server.com/cgi-bin/whatever/test.html -- then look into your error_log.
>Fix:
No -- too few knowledge of apache interna.
>Release-Note:
>Audit-Trail:
>Unformatted:
 [In order for any reply to be added to the PR database, you need]
 [to include <ap...@Apache.Org> in the Cc line and make sure the]
 [subject line starts with the report component and number, with ]
 [or without any 'Re:' prefixes (such as "general/1098:" or      ]
 ["Re: general/1098:").  If the subject doesn't match this       ]
 [pattern, your message will be misfiled and ignored.  The       ]
 ["apbugs" address is not added to the Cc line of messages from  ]
 [the database automatically because of the potential for mail   ]
 [loops.  If you do not include this Cc, your reply may be ig-   ]
 [nored unless you are responding to an explicit request from a  ]
 [developer.  Reply only with text; DO NOT SEND ATTACHMENTS!     ]