You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2007/08/23 07:49:22 UTC
DO NOT REPLY [Bug 43192] New: - %5C produces Internal Server Error
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=43192>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=43192
Summary: %5C produces Internal Server Error
Product: Apache httpd-2
Version: 2.2.4
Platform: PC
OS/Version: Windows XP
Status: NEW
Severity: normal
Priority: P2
Component: Core
AssignedTo: bugs@httpd.apache.org
ReportedBy: tanaka@cybozu.co.jp
I set AllowEncodedSlashes to "On"
If the url requested to my cgi contains %5C, then my apache server returns
internal server error.
url example:
"http://myserver/cgi-bin/my.cgi/%83%65%83%58%83%67%95%5C.txt"
logs/error.log
(22)Invalid argument: couldn't create child process: 22: my.cgi, referer:
http://myserver/cgi-bin/my.cgi
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 43192] - %5C produces Internal Server Error
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=43192>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=43192
rahul@sun.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |NEEDINFO
------- Additional Comments From rahul@sun.com 2007-09-11 01:58 -------
Could not reproduce it in Head (2.3)
Steps used:
As mentioned in bug report
---------------------------
AllowEncodedSlashes On
# /space/store/httpd is the root.
ScriptAlias /cgi-bin/ "/space/store/httpd/cgi-bin/"
---------------------------
>[
GET http://agneyam.india.sun.com:8080/cgi-bin/printenv/myfile%5C.txt HTTP/1.0
]
<[
HTTP/1.1 200 OK
Date: Tue, 11 Sep 2007 08:47:50 GMT
Server: Apache/2.3.0-dev (Unix)
Connection: close
Content-Type: text/plain; charset=iso-8859-1
DOCUMENT_ROOT="/space/store/httpd/htdocs"
GATEWAY_INTERFACE="CGI/1.1"
PATH="."
PATH_INFO="/myfile\.txt"
PATH_TRANSLATED="/space/store/httpd/htdocs/myfile\.txt"
QUERY_STRING=""
REMOTE_ADDR="129.158.224.63"
REMOTE_PORT="34215"
REQUEST_METHOD="GET"
REQUEST_URI="http://agneyam.india.sun.com:8080/cgi-bin/printenv/myfile%5C.txt"
SCRIPT_FILENAME="/space/store/httpd/cgi-bin/printenv"
SCRIPT_NAME="/cgi-bin/printenv"
SERVER_ADDR="129.158.224.203"
SERVER_ADMIN="you@example.com"
SERVER_NAME="agneyam.india.sun.com"
SERVER_PORT="8080"
SERVER_PROTOCOL="HTTP/1.0"
SERVER_SIGNATURE=""
SERVER_SOFTWARE="Apache/2.3.0-dev (Unix)"
TZ="Asia/Calcutta"
Please do provide more information on how the bug can be reproduced.
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 43192] - %5C produces Internal Server Error
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=43192>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=43192
nick@webthing.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEEDINFO |RESOLVED
Resolution| |DUPLICATE
------- Additional Comments From nick@webthing.com 2007-09-13 06:54 -------
This'll be because it's incorrectly decoded, and so passes junk to the operating
system. Fixing 35256 will fix this.
*** This bug has been marked as a duplicate of 35256 ***
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org