You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ji...@apache.org on 2007/08/03 14:45:33 UTC
svn commit: r562442 -
/httpd/httpd/branches/2.2.x/modules/filters/mod_filter.c
Author: jim
Date: Fri Aug 3 05:45:33 2007
New Revision: 562442
URL: http://svn.apache.org/viewvc?view=rev&rev=562442
Log:
Merge r559837, r559999 from trunk:
Fix integer comparisons in mod_filter
PR: 41835
Rationalisation suggested by rpluem
Submitted by: niq
Reviewed by: jim
Modified:
httpd/httpd/branches/2.2.x/modules/filters/mod_filter.c
Modified: httpd/httpd/branches/2.2.x/modules/filters/mod_filter.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/filters/mod_filter.c?view=diff&rev=562442&r1=562441&r2=562442
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/filters/mod_filter.c (original)
+++ httpd/httpd/branches/2.2.x/modules/filters/mod_filter.c Fri Aug 3 05:45:33 2007
@@ -200,11 +200,10 @@
match = 0;
}
}
- else if (!provider->match.string) {
- match = 0;
- }
+ /* we can't check for NULL in provider as that kills integer 0
+ * so we have to test each string/regexp case in the switch
+ */
else {
- /* Now we have no nulls, so we can do string and regexp matching */
switch (provider->match_type) {
case STRING_MATCH:
if (strcasecmp(str, provider->match.string)) {
@@ -221,7 +220,7 @@
case REGEX_MATCH:
if (ap_regexec(provider->match.regex, str, 0, NULL, 0)
== AP_REG_NOMATCH) {
- match = 0;
+ match = 0;
}
break;
case INT_EQ:
@@ -229,23 +228,26 @@
match = 0;
}
break;
+ /* Integer comparisons should be [var] OP [match]
+ * We need to set match = 0 if the condition fails
+ */
case INT_LT:
- if (atoi(str) < provider->match.number) {
+ if (atoi(str) >= provider->match.number) {
match = 0;
}
break;
case INT_LE:
- if (atoi(str) <= provider->match.number) {
+ if (atoi(str) > provider->match.number) {
match = 0;
}
break;
case INT_GT:
- if (atoi(str) > provider->match.number) {
+ if (atoi(str) <= provider->match.number) {
match = 0;
}
break;
case INT_GE:
- if (atoi(str) >= provider->match.number) {
+ if (atoi(str) < provider->match.number) {
match = 0;
}
break;
@@ -589,6 +591,9 @@
match,
rxend-match),
flags);
+ if (provider->match.regex == NULL) {
+ return "Bad regexp";
+ }
break;
case '*':
provider->match_type = DEFINED;