Posted to apache-bugdb@apache.org by dg...@hyperreal.com on 1997/04/27 23:15:45 UTC

Changed information for PR suexec/479

Synopsis: mod_cgi passing foobared username argument to suEXEC

State-Changed-From-To: open-feedback
State-Changed-By: dgaudet
State-Changed-When: Sun Apr 27 14:15:44 PDT 1997
State-Changed-Why:
I'd wager this too was fixed by 1.2b9... which is in the usual
places.  Could you tell us if it does fix the problem?

Thanks
Dean


Re: Changed information for PR suexec/479

Posted by Marc Slemko <ma...@znep.com>.
Damn.  Check out argv.  You will find several thousand copies of whatever
argument you pass.  Oops.  Will look at the cause...


On Sun, 27 Apr 1997, Mark A. Bentley wrote:

> 
> Hmmm, interesting... suEXEC isn't logging an error now, instead
> the server is returning this error:
> 
>    500 Internal Server Error
> 
> And my error log says "premature end of script headers".
> 
> It seems the only time this bug shows itself is when the
> query string doesn't consist of name=value, but rather 
> just a name, like this:
> 
>    http://www.cs.umn.edu/~amundson/haha.cgi?test
> 
> If I say ...
> 
>     /haha.cgi?test=          I don't get that error.
>     /haha.cgi?test=something I don't get that error either.
> 
> I'm not sure what the spec says about the query string, but I
> think it is legal to pass a string that isn't a name/value pair, 
> right?
> 
> Well, I hope this helps.   By the way, you guys are doing a great job!
> 
>    --Mark
> 
> On Sun, 27 Apr 1997 dgaudet@hyperreal.com wrote:
> 
> > Synopsis: mod_cgi passing foobared username argument to suEXEC
> > 
> > State-Changed-From-To: open-feedback
> > State-Changed-By: dgaudet
> > State-Changed-When: Sun Apr 27 14:15:44 PDT 1997
> > State-Changed-Why:
> > I'd wager this too was fixed by 1.2b9... which is in the usual
> > places.  Could you tell us if it does fix the problem?
> > 
> > Thanks
> > Dean
> > 
> 
> 
> --
> Mark A Bentley			Email:	bentlema@cs.umn.edu
> Systems Staff, CSci Dept
> University of Minnesota 	URL:	http://www.cs.umn.edu/~bentlema/
> 


Re: Changed information for PR suexec/479

Posted by Dean Gaudet <dg...@arctic.org>.
There are definitely special cases for = in the code... but I'm not going
to pretend to know why they're there.  Anyone else?

Dean

On Sun, 27 Apr 1997, Mark A. Bentley wrote:

> 
> Hmmm, interesting... suEXEC isn't logging an error now, instead
> the server is returning this error:
> 
>    500 Internal Server Error
> 
> And my error log says "premature end of script headers".
> 
> It seems the only time this bug shows itself is when the
> query string doesn't consist of name=value, but rather 
> just a name, like this:
> 
>    http://www.cs.umn.edu/~amundson/haha.cgi?test
> 
> If I say ...
> 
>     /haha.cgi?test=          I don't get that error.
>     /haha.cgi?test=something I don't get that error either.
> 
> I'm not sure what the spec says about the query string, but I
> think it is legal to pass a string that isn't a name/value pair, 
> right?
> 
> Well, I hope this helps.   By the way, you guys are doing a great job!
> 
>    --Mark
> 
> On Sun, 27 Apr 1997 dgaudet@hyperreal.com wrote:
> 
> > Synopsis: mod_cgi passing foobared username argument to suEXEC
> > 
> > State-Changed-From-To: open-feedback
> > State-Changed-By: dgaudet
> > State-Changed-When: Sun Apr 27 14:15:44 PDT 1997
> > State-Changed-Why:
> > I'd wager this too was fixed by 1.2b9... which is in the usual
> > places.  Could you tell us if it does fix the problem?
> > 
> > Thanks
> > Dean
> > 
> 
> 
> --
> Mark A Bentley			Email:	bentlema@cs.umn.edu
> Systems Staff, CSci Dept
> University of Minnesota 	URL:	http://www.cs.umn.edu/~bentlema/
> 
> 


Re: Changed information for PR suexec/479

Posted by "Mark A. Bentley" <be...@cs.umn.edu>.
Hmmm, interesting... suEXEC isn't logging an error now, instead
the server is returning this error:

   500 Internal Server Error

And my error log says "premature end of script headers".

It seems the only time this bug shows itself is when the
query string doesn't consist of name=value, but rather 
just a name, like this:

   http://www.cs.umn.edu/~amundson/haha.cgi?test

If I say ...

    /haha.cgi?test=          I don't get that error.
    /haha.cgi?test=something I don't get that error either.

I'm not sure what the spec says about the query string, but I
think it is legal to pass a string that isn't a name/value pair, 
right?

Well, I hope this helps.   By the way, you guys are doing a great job!

   --Mark

On Sun, 27 Apr 1997 dgaudet@hyperreal.com wrote:

> Synopsis: mod_cgi passing foobared username argument to suEXEC
> 
> State-Changed-From-To: open-feedback
> State-Changed-By: dgaudet
> State-Changed-When: Sun Apr 27 14:15:44 PDT 1997
> State-Changed-Why:
> I'd wager this too was fixed by 1.2b9... which is in the usual
> places.  Could you tell us if it does fix the problem?
> 
> Thanks
> Dean
> 


--
Mark A Bentley			Email:	bentlema@cs.umn.edu
Systems Staff, CSci Dept
University of Minnesota 	URL:	http://www.cs.umn.edu/~bentlema/
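
Added example, not part of the original thread and not Apache's code: the CGI specification (later codified in RFC 3875, section 4.4) treats a query string with no unencoded `=` as an indexed query whose `+`-separated words are decoded and passed to the script as command-line arguments, which is why `?test` and `?test=` take different paths. The sketch below builds that argument list with a hard cap; `indexed_query_args`, `url_decode` and `MAX_CGI_ARGS` are hypothetical names and the cap of 16 is an assumed value.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAX_CGI_ARGS 16   /* assumed cap, not a value taken from Apache */

static int hexval(int c) {
    if (isdigit(c)) return c - '0';
    c = tolower(c);
    return (c >= 'a' && c <= 'f') ? c - 'a' + 10 : -1;
}

/* Decode %XX escapes in place; -1 on a malformed escape or an encoded NUL. */
static int url_decode(char *s) {
    char *out = s;
    while (*s) {
        if (*s == '%') {
            int hi = hexval((unsigned char)s[1]);
            int lo = hi < 0 ? -1 : hexval((unsigned char)s[2]);
            if (lo < 0 || (hi == 0 && lo == 0)) return -1;
            *out++ = (char)(hi * 16 + lo);
            s += 3;
        } else {
            *out++ = *s++;
        }
    }
    *out = '\0';
    return 0;
}

/* Split an indexed query (modified in place) into decoded words in argv[].
 * Returns the word count, 0 for a form query or empty string, -1 on error. */
int indexed_query_args(char *buf, char *argv[], int max) {
    int n = 0;
    if (buf == NULL || *buf == '\0' || strchr(buf, '=') != NULL)
        return 0;                      /* unencoded '=': no argv words */
    for (char *w = buf; w != NULL; ) {
        char *plus = strchr(w, '+');
        if (plus) *plus = '\0';
        if (n >= max || url_decode(w) != 0) return -1;  /* refuse, never overrun */
        argv[n++] = w;
        w = plus ? plus + 1 : NULL;
    }
    return n;
}

int main(void) {
    char q[] = "test", *argv[MAX_CGI_ARGS];   /* constructed sample query */
    printf("%d\n", indexed_query_args(q, argv, MAX_CGI_ARGS));
    return 0;
}
```

The caller is expected to pass `max` no larger than the size of `argv[]`; anything beyond the cap is rejected rather than truncated, so a wrapper such as suEXEC never sees a partially built argument list.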