You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by wr...@apache.org on 2016/11/14 18:15:08 UTC
svn commit: r1769672 [2/2] - in
/httpd/httpd/branches/2.4.x-merge-http-strict: ./ docs/manual/
docs/manual/mod/ include/ modules/http/ server/
Modified: httpd/httpd/branches/2.4.x-merge-http-strict/server/protocol.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x-merge-http-strict/server/protocol.c?rev=1769672&r1=1769671&r2=1769672&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x-merge-http-strict/server/protocol.c (original)
+++ httpd/httpd/branches/2.4.x-merge-http-strict/server/protocol.c Mon Nov 14 18:15:07 2016
@@ -591,7 +591,6 @@ static int read_request_line(request_rec
int num_blank_lines = DEFAULT_LIMIT_BLANK_LINES;
core_server_config *conf = ap_get_core_module_config(r->server->module_config);
int strict = (conf->http_conformance != AP_HTTP_CONFORMANCE_UNSAFE);
- int stricturi = (conf->http_stricturi != AP_HTTP_URI_UNSAFE);
/* Read past empty lines until we get a real request line,
* a read error, the connection closes (EOF), or we timeout.
@@ -662,14 +661,15 @@ static int read_request_line(request_rec
*/
if (strict) {
ll = (char*) ap_scan_http_token(r->method);
- if (((ll == r->method) || (*ll && !apr_isspace(*ll)))
- && deferred_error == rrl_none) {
- deferred_error = rrl_badmethod;
- ll = strpbrk(ll, "\t\n\v\f\r ");
- }
}
else {
- ll = strpbrk(r->method, "\t\n\v\f\r ");
+ ll = (char*) ap_scan_vchar_obstext(r->method);
+ }
+
+ if (((ll == r->method) || (*ll && !apr_isspace(*ll)))
+ && deferred_error == rrl_none) {
+ deferred_error = rrl_badmethod;
+ ll = strpbrk(ll, "\t\n\v\f\r ");
}
/* Verify method terminated with a single SP, or mark as specific error */
@@ -697,18 +697,13 @@ static int read_request_line(request_rec
if (!*uri && deferred_error == rrl_none)
deferred_error = rrl_missinguri;
- /* Scan the URI up to the next whitespace, ensure it contains only
- * valid RFC3986 characters, otherwise mark in error
+ /* Scan the URI up to the next whitespace, ensure it contains no raw
+ * control characters, otherwise mark in error
*/
- if (stricturi) {
- ll = (char*) ap_scan_http_uri_safe(uri);
- if (ll == uri || (*ll && !apr_isspace(*ll))) {
- deferred_error = rrl_baduri;
- ll = strpbrk(ll, "\t\n\v\f\r ");
- }
- }
- else {
- ll = strpbrk(uri, "\t\n\v\f\r ");
+ ll = (char*) ap_scan_vchar_obstext(uri);
+ if (ll == uri || (*ll && !apr_isspace(*ll))) {
+ deferred_error = rrl_baduri;
+ ll = strpbrk(ll, "\t\n\v\f\r ");
}
/* Verify method terminated with a single SP, or mark as specific error */
@@ -732,7 +727,7 @@ static int read_request_line(request_rec
*ll = '\0';
/* Scan the protocol up to the next whitespace, validation comes later */
- if (!(ll = strpbrk(r->protocol, " \t\n\v\f\r"))) {
+ if (!(ll = (char*) ap_scan_vchar_obstext(r->protocol))) {
len = strlen(r->protocol);
goto rrl_done;
}
@@ -742,7 +737,10 @@ static int read_request_line(request_rec
* determine if trailing text is found, unconditionally mark in error,
* finally NUL terminate the protocol string
*/
- if (strict && *ll) {
+ if (*ll && !apr_isspace(*ll)) {
+ deferred_error = rrl_badprotocol;
+ }
+ else if (strict && *ll) {
deferred_error = rrl_excesswhitespace;
}
else {
@@ -881,14 +879,6 @@ rrl_done:
}
if (strict) {
- /* No sense re-testing here for what was evaulated above */
- if (!stricturi && ap_has_cntrl(r->the_request)) {
- ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02420)
- "HTTP Request Line; URI must not contain control"
- " characters");
- r->status = HTTP_BAD_REQUEST;
- goto rrl_failed;
- }
if (r->parsed_uri.fragment) {
/* RFC3986 3.5: no fragment */
ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, APLOGNO(02421)
Modified: httpd/httpd/branches/2.4.x-merge-http-strict/server/util.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x-merge-http-strict/server/util.c?rev=1769672&r1=1769671&r2=1769672&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x-merge-http-strict/server/util.c (original)
+++ httpd/httpd/branches/2.4.x-merge-http-strict/server/util.c Mon Nov 14 18:15:07 2016
@@ -1614,31 +1614,12 @@ AP_DECLARE(const char *) ap_scan_http_to
return ptr;
}
-/* Retrieve a token, advancing the pointer to the first non-token character
- * and returning a copy of the token string.
- * The caller must handle whitespace and determine the meaning of the
- * terminating character. Returns NULL if the character at **ptr is not
- * a valid token character.
+/* Scan a string for visible ASCII (0x21-0x7E) or obstext (0x80+)
+ * and return a pointer to the first ctrl/space character encountered.
*/
-AP_DECLARE(char *) ap_get_http_token(apr_pool_t *p, const char **ptr)
+AP_DECLARE(const char *) ap_scan_vchar_obstext(const char *ptr)
{
- const char *tok_end = ap_scan_http_token(*ptr);
- char *tok;
-
- if (tok_end == *ptr)
- return NULL;
-
- tok = apr_pstrmemdup(p, *ptr, tok_end - *ptr);
- *ptr = tok_end;
- return tok;
-}
-
-/* Scan a string for valid URI characters per RFC3986, and
- * return a pointer to the first non-URI character encountered.
- */
-AP_DECLARE(const char *) ap_scan_http_uri_safe(const char *ptr)
-{
- for ( ; TEST_CHAR(*ptr, T_URI_RFC3986); ++ptr) ;
+ for ( ; TEST_CHAR(*ptr, T_VCHAR_OBSTEXT); ++ptr) ;
return ptr;
}
@@ -2239,16 +2220,6 @@ AP_DECLARE(void) ap_bin2hex(const void *
*dest = '\0';
}
-AP_DECLARE(int) ap_has_cntrl(const char *str)
-{
- while (*str) {
- if (apr_iscntrl(*str))
- return 1;
- str++;
- }
- return 0;
-}
-
AP_DECLARE(int) ap_is_directory(apr_pool_t *p, const char *path)
{
apr_finfo_t finfo;