You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by Anand Kumria <wi...@progsoc.uts.edu.au> on 1997/04/16 02:10:02 UTC
suexec/398: cgi-bin and suExec don't work when trying to pass arguments to a CGI
The contract type is `' with a response time of 3 business hours.
A first analysis should be sent before: Wed Apr 16 11:00:01 PDT 1997
>Number: 398
>Category: suexec
>Synopsis: cgi-bin and suExec don't work when trying to pass arguments to a CGI
>Confidential: no
>Severity: critical
>Priority: medium
>Responsible: apache (Apache HTTP Project)
>State: open
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Tue Apr 15 17:10:01 1997
>Originator: wildfire@progsoc.uts.edu.au
>Organization:
apache
>Release: 1.2b8
>Environment:
SunOS 4.1.4 most major patches. GCC 2.7.2
>Description:
When attempting to retreive a user's CGI with arguments (i.e. with a
question and data appended) Apache (or suExec) appears to be
escaping the username. I am pretty sure this is an Apache problem,
I'm had suExec print the argument it receives on the command line
it is definately escaped - I'm still trying to see where Apache is
doing the escaping.
>How-To-Repeat:
http://www.progsoc.uts.edu.au/~mike/cgi-bin/wwwadmin.pl (works)
http://www.progsoc.uts.edu.au/~mike/cgi-bin/wwwadmin.pl? (works)
http://www.progsoc.uts.edu.au/~mike/cgi-bin/wwwadmin.pl?<anything> (fails)
>Fix:
I've been looking at util_script.c at the point where Apache is about
to handover execution to SUEXEC - but am having no luck. I'm not sure
if something else is kicking off SUEXEC though
>Audit-Trail:
>Unformatted: