> Without checking that user is not NULL. Under normal use this probably
> never happens, but if another module handles the check_user_id, returns OK
> but neglects to set r->user, AND there exists a "require user ..."

Which is not uncommon in some commercial models which will fill out the data later in the chain.. (or because they do not have the concept of a single uid style 'user' yet use the auth handler).

> directive, the above will segfault. This is a situation possible to run ..

> if (!user) {
>     ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
>                   "access to %s failed, reason: r->user is not set!",
>                   r->uri);
>     return HTTP_INTERNAL_SERVER_ERROR;
> }

Actually I'd be happier if the strcmp() would become

    if (user && !strcmp(r->user,user))

as that does not break existing modules -and- keeps the semantics of "require user" to be functional.

On the other hand - this is in the 2.x branch - so you could argue that r->user MUST be filled out by auth modules (even if they do not really have the concept of a user!) if they return OK. _IF_ you document that - then by all means - the above HTTP_INTERNAL_SERVER_ERROR is the right thing to do.

Dw.
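
The two ways of handling an unset r->user discussed in this message, side by side as an added example (not code from the thread or from httpd). The struct, enum and function names are hypothetical, and the model assumes that a "require user" list with no matching name ends in a denial.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the one request field discussed; not request_rec. */
struct req { const char *user; };

/* Values mirror the HTTP statuses involved; the names are this example's own. */
enum { ACCESS_OK = 0, ACCESS_DENIED = 401, ACCESS_ERROR = 500 };

/* Quoted proposal: an unset user after a successful auth step is a server
 * error, reported before any name is compared. */
int require_user_strict(const struct req *r, const char *const *names, size_t n)
{
    if (r->user == NULL)
        return ACCESS_ERROR;
    for (size_t i = 0; i < n; i++)
        if (strcmp(r->user, names[i]) == 0)
            return ACCESS_OK;
    return ACCESS_DENIED;
}

/* Reply's proposal: guard the comparison itself, so an unset user simply
 * matches no name. Assumption of this model: no match means denial. */
int require_user_guarded(const struct req *r, const char *const *names, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (r->user && strcmp(r->user, names[i]) == 0)
            return ACCESS_OK;
    return ACCESS_DENIED;
}

int main(void)
{
    /* Constructed sample data. */
    const char *const names[] = { "alice", "bob" };
    struct req unset = { NULL }, bob = { "bob" };

    printf("unset user: strict=%d guarded=%d\n",
           require_user_strict(&unset, names, 2),
           require_user_guarded(&unset, names, 2));
    printf("user bob:   strict=%d guarded=%d\n",
           require_user_strict(&bob, names, 2),
           require_user_guarded(&bob, names, 2));
    return 0;
}
```

Neither variant dereferences a NULL user and neither grants access when it is unset; they differ only in whether the module that left r->user empty is surfaced as a server error.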