rse 97/08/01 01:48:19
Modified: src Tag: APACHE_1_2_X CHANGES mod_imap.c
Log:
Fixed an infinite loop for references above the server root.
PR: 748
Submitted by: Dean Gaudet
Reviewed by: Brian Behlendorf
Revision Changes Path
No revision
No revision
1.286.2.38 +3 -0 apache/src/CHANGES
Index: CHANGES
===================================================================
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.286.2.37
retrieving revision 1.286.2.38
diff -u -r1.286.2.37 -r1.286.2.38
--- CHANGES 1997/07/31 08:50:01 1.286.2.37
+++ CHANGES 1997/08/01 08:48:16 1.286.2.38
@@ -1,5 +1,8 @@
Changes with Apache 1.2.2
+ *) Fixed an infinite loop in mod_imap for references above the server root
+ [Dean Gaudet] PR#748
+
*) mod_include cleanup showed that handle_else was being used to handle
endif. It didn't cause problems, but it was cleaned up too.
[Howard Fear]
1.21.2.1 +4 -0 apache/src/mod_imap.c
Index: mod_imap.c
===================================================================
RCS file: /export/home/cvs/apache/src/mod_imap.c,v
retrieving revision 1.21
retrieving revision 1.21.2.1
diff -u -r1.21 -r1.21.2.1
--- mod_imap.c 1997/04/12 04:24:58 1.21
+++ mod_imap.c 1997/08/01 08:48:17 1.21.2.1
@@ -475,6 +475,10 @@
}
value += 2; /* jump over the '..' that we found in the value */
+ } else if (directory) {
+ url[0] = '\0';
+ log_reason("invalid directory name in map file", r->uri, r);
+ return;
}
if (! strncmp(value, "/../", 4) || ! strcmp(value, "/..") )
