dgaudet 98/01/14 13:01:09
Modified: . STATUS src CHANGES src/main util_script.c Log: protect environment variable names from having bad things in them Reviewed by: Martin Kraemer, Jim Jagielski Revision Changes Path 1.92 +1 -4 apachen/STATUS Index: STATUS =================================================================== RCS file: /export/home/cvs/apachen/STATUS,v retrieving revision 1.91 retrieving revision 1.92 diff -u -r1.91 -r1.92 --- STATUS 1998/01/14 16:41:34 1.91 +++ STATUS 1998/01/14 21:01:03 1.92 @@ -81,12 +81,9 @@ * Dean's [PATCH] make mod_rewrite use ap_cpystrn * Martin's [PORT] Make apache compile & run on an EBCDIC mainframe * Martin's [PATCH] mod_speling [300] Multiple Choices bug (Take 2) + * Dean's [PATCH] protect the environment Available Patches: - - * Dean's [PATCH] protect the environment - <[EMAIL PROTECTED]> - Status: Dean +1, Martin +1, Jim +1 * Dean's [PATCH] MONCONTROL for profiling children <[EMAIL PROTECTED]> 1.566 +9 -0 apachen/src/CHANGES Index: CHANGES =================================================================== RCS file: /export/home/cvs/apachen/src/CHANGES,v retrieving revision 1.565 retrieving revision 1.566 diff -u -r1.565 -r1.566 --- CHANGES 1998/01/13 23:29:10 1.565 +++ CHANGES 1998/01/14 21:01:06 1.566 @@ -1,5 +1,14 @@ Changes with Apache 1.3b4 + *) For maximum portability, the environment passed to CGIs should + only contain variables whose names match the regex + /[a-zA-Z][a-zA-Z0-9_]*/. This is now enforced by stamping + underscores over any character outside the regex. This + affects HTTP_* variables, in a way that should be backward + compatible for all the standard headers; and affects variables + set with SetEnv/BrowserMatch and similar directives. + [Dean Gaudet] + *) Mod_speling returned incorrect HREF's when an ambigous match was found. Noticed by <[EMAIL PROTECTED]> (Soeren Ziehe) [EMAIL PROTECTED] (Soeren Ziehe), Martin Kraemer] 1.91 +19 -4 apachen/src/main/util_script.c Index: util_script.c =================================================================== RCS file: /export/home/cvs/apachen/src/main/util_script.c,v retrieving revision 1.90 retrieving revision 1.91 diff -u -r1.90 -r1.91 --- util_script.c 1998/01/11 20:55:19 1.90 +++ util_script.c 1998/01/14 21:01:08 1.91 @@ -129,11 +129,14 @@ char *res = pstrcat(a, "HTTP_", w, NULL); char *cp = res; - while (*++cp) - if (*cp == '-') + while (*++cp) { + if (!isalnum(*cp) && *cp != '_') { *cp = '_'; - else + } + else { *cp = toupper(*cp); + } + } return res; } @@ -145,6 +148,7 @@ char **env = (char **) palloc(p, (env_arr->nelts + 2) * sizeof(char *)); int i, j; char *tz; + char *whack; j = 0; tz = getenv("TZ"); @@ -153,7 +157,18 @@ for (i = 0; i < env_arr->nelts; ++i) { if (!elts[i].key) continue; - env[j++] = pstrcat(p, elts[i].key, "=", elts[i].val, NULL); + env[j] = pstrcat(p, elts[i].key, "=", elts[i].val, NULL); + whack = env[j]; + if (isdigit(*whack)) { + *whack++ = '_'; + } + while (*whack != '=') { + if (!isalnum(*whack) && *whack != '_') { + *whack = '_'; + } + ++whack; + } + ++j; } env[j] = NULL;