You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Allen Pulsifer <pu...@comcast.net> on 2007/06/14 03:39:25 UTC

revised(3) patch for spurious open attempt on ".../file.html/.htaccess"

I hate to have to do this...

I realized that ++seg should only be incremented when the optimization
results in either a "continue" or a "break".  Here is the correction:

CODE:

            if (r->finfo.filetype
#ifdef CASE_BLIND_FILESYSTEM
                && (filename_len <= canonical_len)
#endif
                && (opts.opts & OPT_SYM_LINKS) )
            {
                if ((r->path_info && *r->path_info) || r->finfo.filetype ==
APR_DIR)
                {
                    thisinfo.filetype = APR_DIR;
                    ++seg;
                    continue;
                }
                else if (r->finfo.filetype == APR_REG)
                {
                    thisinfo.filetype = APR_REG;
                    ++seg;
                    break;
                }
            }

PATCH:

--- .svn/text-base/request.c.svn-base   2007-06-04 23:40:23.801630400 -0400
+++ request.c   2007-06-13 21:34:01.659559100 -0400
@@ -931,13 +931,21 @@
 #ifdef CASE_BLIND_FILESYSTEM
                 && (filename_len <= canonical_len)
 #endif
-                && ((opts.opts & (OPT_SYM_OWNER | OPT_SYM_LINKS)) ==
OPT_SYM_LINKS))
+                && (opts.opts & OPT_SYM_LINKS) )
+            {
+                if ((r->path_info && *r->path_info) || r->finfo.filetype ==
APR_DIR)
             {
-
                 thisinfo.filetype = APR_DIR;
                 ++seg;
                 continue;
             }
+                else if (r->finfo.filetype == APR_REG)
+                {
+                    thisinfo.filetype = APR_REG;
+                    ++seg;
+                    break;
+                }
+            }

             /* We choose apr_stat with flag APR_FINFO_LINK here, rather
that
              * plain apr_stat, so that we capture this path object rather
than


ANALYSIS:

The optimization formerly skipped the lstat and went directly to the
htaccess check, even when it reached the point of checking the full path and
the full path referred to a file.  This resulted in a spurious open attempt
on .../file.html/.htaccess

The revised optimization also skips the lstat and goes directly to the
htaccess check, but only when (a) the directory walk has not yet reached the
full path; or (b) the full path refers to a directory.

Otherwise, when it reaches the full path, if the full path refers to a
regular file, it terminates the directory walk.  If the file type of the
full path is not a directory or a regular file, it continues on with the
unoptimized lstat of the full path.