Posted to cvs@httpd.apache.org by yl...@apache.org on 2020/06/24 12:11:08 UTC
svn commit: r1879147 - /httpd/httpd/trunk/server/request.c
Author: ylavic
Date: Wed Jun 24 12:11:08 2020
New Revision: 1879147
URL: http://svn.apache.org/viewvc?rev=1879147&view=rev
Log:
Follow up to r1879079: fail early if URI path resolves above root.
Don't let it through as "/".
Modified:
httpd/httpd/trunk/server/request.c
Modified: httpd/httpd/trunk/server/request.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/request.c?rev=1879147&r1=1879146&r2=1879147&view=diff
==============================================================================
--- httpd/httpd/trunk/server/request.c (original)
+++ httpd/httpd/trunk/server/request.c Wed Jun 24 12:11:08 2020
@@ -192,15 +192,16 @@ AP_DECLARE(int) ap_process_request_inter
int file_req = (r->main && r->filename);
core_server_config *sconf =
ap_get_core_module_config(r->server->module_config);
- unsigned int normalize_flags = 0;
+ unsigned int normalize_flags;
+ normalize_flags = AP_NORMALIZE_NOT_ABOVE_ROOT;
+ if (sconf->merge_slashes != AP_CORE_CONFIG_OFF) {
+ normalize_flags |= AP_NORMALIZE_MERGE_SLASHES;
+ }
if (file_req) {
/* File subrequests can have a relative path. */
normalize_flags |= AP_NORMALIZE_ALLOW_RELATIVE;
}
- if (sconf->merge_slashes != AP_CORE_CONFIG_OFF) {
- normalize_flags |= AP_NORMALIZE_MERGE_SLASHES;
- }
if (r->parsed_uri.path) {
/* Normalize: remove /./ and shrink /../ segments, plus