You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ji...@apache.org on 2014/04/15 21:11:32 UTC

svn commit: r1587690 - in /httpd/httpd/branches/2.4.x: ./ STATUS modules/filters/mod_proxy_html.c

Author: jim
Date: Tue Apr 15 19:11:31 2014
New Revision: 1587690

URL: http://svn.apache.org/r1587690
Log:
Merge r1584896 from trunk:

Do not perform a p+= 7 that could go past the end of the buffer in case we find a 'content' without a corresponding '='.

Should we need to deal with this case, a new search should be performed to find the real starting position of another potential 'content=' pattern.
Submitted by: jailletc36
Reviewed/backported by: jim

Modified:
    httpd/httpd/branches/2.4.x/   (props changed)
    httpd/httpd/branches/2.4.x/STATUS
    httpd/httpd/branches/2.4.x/modules/filters/mod_proxy_html.c

Propchange: httpd/httpd/branches/2.4.x/
------------------------------------------------------------------------------
  Merged /httpd/httpd/trunk:r1584896

Modified: httpd/httpd/branches/2.4.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/STATUS?rev=1587690&r1=1587689&r2=1587690&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/STATUS (original)
+++ httpd/httpd/branches/2.4.x/STATUS Tue Apr 15 19:11:31 2014
@@ -139,12 +139,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
      2.4.x patch: trunk patch works
      +1: jailletc36, jim, ylavic
 
-   * mod_proxy_html: Do not perform a p+= 7 that could go past the end of the buffer
-     trunk patch: https://svn.apache.org/r1584896
-     2.4.x patch: trunk patch works
-     +1: jailletc36, jim, ylavic
-
-
 PATCHES PROPOSED TO BACKPORT FROM TRUNK:
   [ New proposals should be added at the end of the list ]
 

Modified: httpd/httpd/branches/2.4.x/modules/filters/mod_proxy_html.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/filters/mod_proxy_html.c?rev=1587690&r1=1587689&r2=1587690&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/filters/mod_proxy_html.c (original)
+++ httpd/httpd/branches/2.4.x/modules/filters/mod_proxy_html.c Tue Apr 15 19:11:31 2014
@@ -670,8 +670,9 @@ static meta *metafix(request_rec *r, con
                     p += 7;
                     while (apr_isspace(*p))
                         ++p;
+                    /* XXX Should we search for another content= pattern? */
                     if (*p != '=')
-                        continue;
+                        break;
                     while (*p && apr_isspace(*++p));
                     if ((*p == '\'') || (*p == '"')) {
                         delim = *p++;