Posted to cvs@httpd.apache.org by yl...@apache.org on 2020/06/24 12:11:08 UTC

svn commit: r1879147 - /httpd/httpd/trunk/server/request.c

Author: ylavic
Date: Wed Jun 24 12:11:08 2020
New Revision: 1879147

URL: http://svn.apache.org/viewvc?rev=1879147&view=rev
Log:
Follow up to r1879079: fail early if URI path resolves above root.

Don't let it through as "/".

Modified:
    httpd/httpd/trunk/server/request.c

Modified: httpd/httpd/trunk/server/request.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/request.c?rev=1879147&r1=1879146&r2=1879147&view=diff
==============================================================================
--- httpd/httpd/trunk/server/request.c (original)
+++ httpd/httpd/trunk/server/request.c Wed Jun 24 12:11:08 2020
@@ -192,15 +192,16 @@ AP_DECLARE(int) ap_process_request_inter
     int file_req = (r->main && r->filename);
     core_server_config *sconf =
         ap_get_core_module_config(r->server->module_config);
-    unsigned int normalize_flags = 0;
+    unsigned int normalize_flags;
 
+    normalize_flags = AP_NORMALIZE_NOT_ABOVE_ROOT;
+    if (sconf->merge_slashes != AP_CORE_CONFIG_OFF) { 
+        normalize_flags |= AP_NORMALIZE_MERGE_SLASHES;
+    }
     if (file_req) {
         /* File subrequests can have a relative path. */
         normalize_flags |= AP_NORMALIZE_ALLOW_RELATIVE;
     }
-    if (sconf->merge_slashes != AP_CORE_CONFIG_OFF) { 
-        normalize_flags |= AP_NORMALIZE_MERGE_SLASHES;
-    }
 
     if (r->parsed_uri.path) {
         /* Normalize: remove /./ and shrink /../ segments, plus
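Review bot: The added `normalize_flags = AP_NORMALIZE_NOT_ABOVE_ROOT;` line has no comment, although it is the security-relevant part of the change and is set unconditionally, so file subrequests now carry it together with `AP_NORMALIZE_ALLOW_RELATIVE`. I would put `/* Fail on a path that resolves above the root rather than letting it through as "/". */` above it. It is also worth confirming that combining the two flags behaves as intended for a relative subrequest path that begins with a `..` segment, which cannot be told from these lines. The normalization call and the handling of its failure lie outside this hunk, so whether the rejection is logged and mapped to an error status cannot be checked here. The moved `if (sconf->merge_slashes != AP_CORE_CONFIG_OFF) { ` line also keeps its trailing space.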