Posted to cvs@httpd.apache.org by dg...@hyperreal.org on 1999/05/05 19:46:08 UTC
cvs commit: apache-1.3/src/modules/standard mod_include.c
dgaudet 99/05/05 10:46:08
Modified: src CHANGES
src/modules/standard mod_include.c
Log:
mod_include's fsize/flastmod should allow only relative paths, just
like "include file".
This bug was introduced during the 1.98 -> 1.99 rev of mod_include.
Submitted by: Jaroslav Benkovsky <be...@pha.pvt.cz>
Revision Changes Path
1.1347 +3 -0 apache-1.3/src/CHANGES
Index: CHANGES
===================================================================
RCS file: /home/cvs/apache-1.3/src/CHANGES,v
retrieving revision 1.1346
retrieving revision 1.1347
diff -u -r1.1346 -r1.1347
--- CHANGES 1999/05/04 11:21:07 1.1346
+++ CHANGES 1999/05/05 17:46:05 1.1347
@@ -1,5 +1,8 @@
Changes with Apache 1.3.7
+ *) mod_include's fsize/flastmod should allow only relative paths, just
+ like "include file". [Jaroslav Benkovsky <be...@pha.pvt.cz>]
+
*) OS/2: Add support for building loadable modules using DLLs.
[Brian Havard]
1.114 +26 -20 apache-1.3/src/modules/standard/mod_include.c
Index: mod_include.c
===================================================================
RCS file: /home/cvs/apache-1.3/src/modules/standard/mod_include.c,v
retrieving revision 1.113
retrieving revision 1.114
diff -u -r1.113 -r1.114
--- mod_include.c 1999/04/27 20:36:35 1.113
+++ mod_include.c 1999/05/05 17:46:07 1.114
@@ -1045,35 +1045,41 @@
static int find_file(request_rec *r, const char *directive, const char *tag,
char *tag_val, struct stat *finfo, const char *error)
{
- char *to_send;
- request_rec *rr;
+ char *to_send = tag_val;
+ request_rec *rr = NULL;
int ret=0;
+ char *error_fmt = NULL;
if (!strcmp(tag, "file")) {
- ap_getparents(tag_val); /* get rid of any nasties */
-
- rr = ap_sub_req_lookup_file(tag_val, r);
+ /* be safe; only files in this directory or below allowed */
+ if (!is_only_below(tag_val)) {
+ error_fmt = "unable to access file \"%s\" "
+ "in parsed file %s";
+ }
+ else {
+ ap_getparents(tag_val); /* get rid of any nasties */
+ rr = ap_sub_req_lookup_file(tag_val, r);
- if (rr->status == HTTP_OK && rr->finfo.st_mode != 0) {
- to_send = rr->filename;
- if ((ret = stat(to_send, finfo)) == -1) {
- ap_log_rerror(APLOG_MARK, APLOG_ERR, r,
- "unable to get information about \"%s\" "
- "in parsed file %s",
- to_send, r->filename);
- ap_rputs(error, r);
+ if (rr->status == HTTP_OK && rr->finfo.st_mode != 0) {
+ to_send = rr->filename;
+ if (stat(to_send, finfo)) {
+ error_fmt = "unable to get information about \"%s\" "
+ "in parsed file %s";
+ }
+ }
+ else {
+ error_fmt = "unable to lookup information about \"%s\" "
+ "in parsed file %s";
}
}
- else {
+
+ if (error_fmt) {
ret = -1;
- ap_log_rerror(APLOG_MARK, APLOG_ERR, r,
- "unable to lookup information about \"%s\" "
- "in parsed file %s",
- tag_val, r->filename);
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, r, error_fmt, to_send, r->filename);
ap_rputs(error, r);
}
-
- ap_destroy_sub_req(rr);
+
+ if (rr) ap_destroy_sub_req(rr);
return ret;
}
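Review bot: The shared `ap_log_rerror(APLOG_MARK, APLOG_ERR, r, error_fmt, ...)` call near the end of the hunk now also reports the `is_only_below()` rejection and the failed sub-request lookup, where no system call has just failed. The Apache 1.3 logger appends the errno text unless `APLOG_NOERRNO` is set, so those two log lines would carry a stale errno and could mislead anyone reading the error log for rejected path attempts. Consider carrying the level next to the format: declare `int log_level = APLOG_NOERRNO|APLOG_ERR;`, set `log_level = APLOG_ERR;` only in the `stat()` failure branch, and pass `log_level` to the call. Separately, `error_fmt` only ever points at string literals, so it reads better as `const char *error_fmt = NULL;`. The hunk ends at the close of the `"file"` branch; the rest of find_file lies outside it.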