dgaudet 98/01/14 13:01:09
Modified: . STATUS
src CHANGES
src/main util_script.c
Log:
protect environment variable names from having bad things in them
Reviewed by: Martin Kraemer, Jim Jagielski
Revision Changes Path
1.92 +1 -4 apachen/STATUS
Index: STATUS
===================================================================
RCS file: /export/home/cvs/apachen/STATUS,v
retrieving revision 1.91
retrieving revision 1.92
diff -u -r1.91 -r1.92
--- STATUS 1998/01/14 16:41:34 1.91
+++ STATUS 1998/01/14 21:01:03 1.92
@@ -81,12 +81,9 @@
* Dean's [PATCH] make mod_rewrite use ap_cpystrn
* Martin's [PORT] Make apache compile & run on an EBCDIC mainframe
* Martin's [PATCH] mod_speling [300] Multiple Choices bug (Take 2)
+ * Dean's [PATCH] protect the environment
Available Patches:
-
- * Dean's [PATCH] protect the environment
- <[EMAIL PROTECTED]>
- Status: Dean +1, Martin +1, Jim +1
* Dean's [PATCH] MONCONTROL for profiling children
<[EMAIL PROTECTED]>
1.566 +9 -0 apachen/src/CHANGES
Index: CHANGES
===================================================================
RCS file: /export/home/cvs/apachen/src/CHANGES,v
retrieving revision 1.565
retrieving revision 1.566
diff -u -r1.565 -r1.566
--- CHANGES 1998/01/13 23:29:10 1.565
+++ CHANGES 1998/01/14 21:01:06 1.566
@@ -1,5 +1,14 @@
Changes with Apache 1.3b4
+ *) For maximum portability, the environment passed to CGIs should
+ only contain variables whose names match the regex
+ /[a-zA-Z][a-zA-Z0-9_]*/. This is now enforced by stamping
+ underscores over any character outside the regex. This
+ affects HTTP_* variables, in a way that should be backward
+ compatible for all the standard headers; and affects variables
+ set with SetEnv/BrowserMatch and similar directives.
+ [Dean Gaudet]
+
*) Mod_speling returned incorrect HREF's when an ambigous match
was found. Noticed by <[EMAIL PROTECTED]> (Soeren Ziehe)
[EMAIL PROTECTED] (Soeren Ziehe), Martin Kraemer]
1.91 +19 -4 apachen/src/main/util_script.c
Index: util_script.c
===================================================================
RCS file: /export/home/cvs/apachen/src/main/util_script.c,v
retrieving revision 1.90
retrieving revision 1.91
diff -u -r1.90 -r1.91
--- util_script.c 1998/01/11 20:55:19 1.90
+++ util_script.c 1998/01/14 21:01:08 1.91
@@ -129,11 +129,14 @@
char *res = pstrcat(a, "HTTP_", w, NULL);
char *cp = res;
- while (*++cp)
- if (*cp == '-')
+ while (*++cp) {
+ if (!isalnum(*cp) && *cp != '_') {
*cp = '_';
- else
+ }
+ else {
*cp = toupper(*cp);
+ }
+ }
return res;
}
@@ -145,6 +148,7 @@
char **env = (char **) palloc(p, (env_arr->nelts + 2) * sizeof(char *));
int i, j;
char *tz;
+ char *whack;
j = 0;
tz = getenv("TZ");
@@ -153,7 +157,18 @@
for (i = 0; i < env_arr->nelts; ++i) {
if (!elts[i].key)
continue;
- env[j++] = pstrcat(p, elts[i].key, "=", elts[i].val, NULL);
+ env[j] = pstrcat(p, elts[i].key, "=", elts[i].val, NULL);
+ whack = env[j];
+ if (isdigit(*whack)) {
+ *whack++ = '_';
+ }
+ while (*whack != '=') {
+ if (!isalnum(*whack) && *whack != '_') {
+ *whack = '_';
+ }
+ ++whack;
+ }
+ ++j;
}
env[j] = NULL;
