dgaudet 99/05/05 10:46:08
Modified: src CHANGES src/modules/standard mod_include.c Log: mod_include's fsize/flastmod should allow only relative paths, just like "include file". This bug was introduced during the 1.98 -> 1.99 rev of mod_include. Submitted by: Jaroslav Benkovsky <[EMAIL PROTECTED]> Revision Changes Path 1.1347 +3 -0 apache-1.3/src/CHANGES Index: CHANGES =================================================================== RCS file: /home/cvs/apache-1.3/src/CHANGES,v retrieving revision 1.1346 retrieving revision 1.1347 diff -u -r1.1346 -r1.1347 --- CHANGES 1999/05/04 11:21:07 1.1346 +++ CHANGES 1999/05/05 17:46:05 1.1347 @@ -1,5 +1,8 @@ Changes with Apache 1.3.7 + *) mod_include's fsize/flastmod should allow only relative paths, just + like "include file". [Jaroslav Benkovsky <[EMAIL PROTECTED]>] + *) OS/2: Add support for building loadable modules using DLLs. [Brian Havard] 1.114 +26 -20 apache-1.3/src/modules/standard/mod_include.c Index: mod_include.c =================================================================== RCS file: /home/cvs/apache-1.3/src/modules/standard/mod_include.c,v retrieving revision 1.113 retrieving revision 1.114 diff -u -r1.113 -r1.114 --- mod_include.c 1999/04/27 20:36:35 1.113 +++ mod_include.c 1999/05/05 17:46:07 1.114 @@ -1045,35 +1045,41 @@ static int find_file(request_rec *r, const char *directive, const char *tag, char *tag_val, struct stat *finfo, const char *error) { - char *to_send; - request_rec *rr; + char *to_send = tag_val; + request_rec *rr = NULL; int ret=0; + char *error_fmt = NULL; if (!strcmp(tag, "file")) { - ap_getparents(tag_val); /* get rid of any nasties */ - - rr = ap_sub_req_lookup_file(tag_val, r); + /* be safe; only files in this directory or below allowed */ + if (!is_only_below(tag_val)) { + error_fmt = "unable to access file \"%s\" " + "in parsed file %s"; + } + else { + ap_getparents(tag_val); /* get rid of any nasties */ + rr = ap_sub_req_lookup_file(tag_val, r); - if (rr->status == HTTP_OK && rr->finfo.st_mode != 0) { - to_send = rr->filename; - if ((ret = stat(to_send, finfo)) == -1) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, r, - "unable to get information about \"%s\" " - "in parsed file %s", - to_send, r->filename); - ap_rputs(error, r); + if (rr->status == HTTP_OK && rr->finfo.st_mode != 0) { + to_send = rr->filename; + if (stat(to_send, finfo)) { + error_fmt = "unable to get information about \"%s\" " + "in parsed file %s"; + } + } + else { + error_fmt = "unable to lookup information about \"%s\" " + "in parsed file %s"; } } - else { + + if (error_fmt) { ret = -1; - ap_log_rerror(APLOG_MARK, APLOG_ERR, r, - "unable to lookup information about \"%s\" " - "in parsed file %s", - tag_val, r->filename); + ap_log_rerror(APLOG_MARK, APLOG_ERR, r, error_fmt, to_send, r->filename); ap_rputs(error, r); } - - ap_destroy_sub_req(rr); + + if (rr) ap_destroy_sub_req(rr); return ret; }