cvs commit: apache/src CHANGES mod_include.c
dgaudet 97/11/05 03:40:14
Modified:src Tag: APACHE_1_2_X CHANGES mod_include.c
Log:
mod_include did not properly handle all possible redirects from sub-reqs.
Submitted by: Ken Coar
Reviewed by: Dean Gaudet, Roy Fielding, Ralf Engelschall
Revision ChangesPath
No revision
No revision
1.286.2.57 +3 -0 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.286.2.56
retrieving revision 1.286.2.57
diff -u -r1.286.2.56 -r1.286.2.57
--- CHANGES 1997/11/05 11:38:51 1.286.2.56
+++ CHANGES 1997/11/05 11:40:12 1.286.2.57
@@ -6,6 +6,9 @@
r-filename. Since those two are meant to be in sync with each other
this is a bug. [Paul B. Henson [EMAIL PROTECTED]]
+ *) mod_include did not properly handle all possible redirects from sub-
+ requests. [Ken Coar]
+
*) Inetd mode (which is buggy) uses timeouts without having setup the
jmpbuffer. [Dean Gaudet] PR#1064
1.33.2.6 +3 -1 apache/src/mod_include.c
Index: mod_include.c
===
RCS file: /export/home/cvs/apache/src/mod_include.c,v
retrieving revision 1.33.2.5
retrieving revision 1.33.2.6
diff -u -r1.33.2.5 -r1.33.2.6
--- mod_include.c 1997/07/31 08:50:02 1.33.2.5
+++ mod_include.c 1997/11/05 11:40:13 1.33.2.6
@@ -494,6 +494,7 @@
int include_cgi(char *s, request_rec *r)
{
request_rec *rr = sub_req_lookup_uri (s, r);
+int rr_status;
if (rr-status != 200) return -1;
@@ -515,7 +516,8 @@
/* Run it. */
-if (run_sub_req (rr) == REDIRECT) {
+rr_status = run_sub_req(rr);
+if (is_HTTP_REDIRECT(rr_status)) {
char *location = table_get (rr-headers_out, Location);
location = escape_html(rr-pool, location);
rvputs(r,A HREF=\, location, \, location, /A, NULL);
cvs commit: apache/src CHANGES mod_include.c
dgaudet 97/11/05 03:46:23 Modified:src Tag: APACHE_1_2_X CHANGES mod_include.c Log: fix bogus uninitialized data for and || PR: 1139 Submitted by: Brian Slesinsky [EMAIL PROTECTED] Reviewed by: Dean Gaudet, Roy Fielding, Ralf Engelschall Revision ChangesPath No revision No revision 1.286.2.59 +3 -0 apache/src/CHANGES Index: CHANGES === RCS file: /export/home/cvs/apache/src/CHANGES,v retrieving revision 1.286.2.58 retrieving revision 1.286.2.59 diff -u -r1.286.2.58 -r1.286.2.59 --- CHANGES 1997/11/05 11:43:13 1.286.2.58 +++ CHANGES 1997/11/05 11:46:20 1.286.2.59 @@ -1,5 +1,8 @@ Changes with Apache 1.2.5 + *) mod_include used uninitialized data for some uses of and ||. + [Brian Slesinsky [EMAIL PROTECTED]] PR#1139 + *) mod_imap should decline all non-GET methods. [Jay Bloodworth [EMAIL PROTECTED]] 1.33.2.7 +2 -0 apache/src/mod_include.c Index: mod_include.c === RCS file: /export/home/cvs/apache/src/mod_include.c,v retrieving revision 1.33.2.6 retrieving revision 1.33.2.7 diff -u -r1.33.2.6 -r1.33.2.7 --- mod_include.c 1997/11/05 11:40:13 1.33.2.6 +++ mod_include.c 1997/11/05 11:46:21 1.33.2.7 @@ -1334,6 +1334,7 @@ strncpy(current-left-token.value, buffer, MAX_STRING_LEN-1); current-left-token.value[MAX_STRING_LEN-1] = '\0'; + current-left-value = (current-token.value[0] != '\0'); current-left-done = 1; break; default: @@ -1349,6 +1350,7 @@ strncpy(current-right-token.value, buffer, MAX_STRING_LEN-1); current-right-token.value[MAX_STRING_LEN-1] = '\0'; + current-right-value = (current-token.value[0] != '\0'); current-right-done = 1; break; default:
cvs commit: apache/src CHANGES mod_include.c
rse 97/07/31 01:50:05
Modified:src Tag: APACHE_1_2_X CHANGES mod_include.c
Log:
handle_else was being used to handle endif.
Submitted by: Howard Fear
Reviewed by: Ralf S. Engelschall, Jim Jagielski, Randy Terbush
Revision ChangesPath
No revision
No revision
1.286.2.37 +4 -0 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.286.2.36
retrieving revision 1.286.2.37
diff -u -r1.286.2.36 -r1.286.2.37
--- CHANGES 1997/07/31 08:43:13 1.286.2.36
+++ CHANGES 1997/07/31 08:50:01 1.286.2.37
@@ -1,5 +1,9 @@
Changes with Apache 1.2.2
+ *) mod_include cleanup showed that handle_else was being used to handle
+ endif. It didn't cause problems, but it was cleaned up too.
+ [Howard Fear]
+
*) Last official synchonisation of mod_rewrite with author version (because
mod_rewrite is now directly developed by the author at the Apache
Group):
o added diff between mod_rewrite 3.0.6+ and 3.0.9
1.33.2.5 +2 -2 apache/src/mod_include.c
Index: mod_include.c
===
RCS file: /export/home/cvs/apache/src/mod_include.c,v
retrieving revision 1.33.2.4
retrieving revision 1.33.2.5
diff -u -r1.33.2.4 -r1.33.2.5
--- mod_include.c 1997/07/20 18:24:25 1.33.2.4
+++ mod_include.c 1997/07/31 08:50:02 1.33.2.5
@@ -1589,6 +1589,7 @@
#ifdef DEBUG_INCLUDE
rvputs(r, endif conditional_status=\, *conditional_status ? 1 :
0, \\n, NULL);
#endif
+*printing = 1;
*conditional_status = 1;
return 0;
} else {
@@ -1704,8 +1705,7 @@
continue;
} else if(!strcmp(directive,endif)) {
if (!if_nesting) {
-ret=handle_else(f, r, error, conditional_status,
printing);
-printing = 1;
+ret = handle_endif(f, r, error, conditional_status,
printing);
} else {
if_nesting--;
}
cvs commit: apache/src CHANGES mod_include.c
dgaudet 97/07/28 01:46:45
Modified:src CHANGES mod_include.c
Log:
fixed unused handle_endif
Submitted by: Howard Fear
Reviewed by: Dean Gaudet, Marc Slemko
Revision ChangesPath
1.369 +4 -0 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.368
retrieving revision 1.369
diff -u -r1.368 -r1.369
--- CHANGES 1997/07/27 02:38:03 1.368
+++ CHANGES 1997/07/28 08:46:41 1.369
@@ -1,5 +1,9 @@
Changes with Apache 1.3a2
+ *) mod_include cleanup showed that handle_else was being used to handle
+ endif. It didn't cause problems, but it was cleaned up too.
+ [Howard Fear]
+
*) mod_cern_meta would attempt to find meta files for the directory itself
in some cases, but not in others. It now avoids it in all cases.
[Dean Gaudet]
1.45 +2 -2 apache/src/mod_include.c
Index: mod_include.c
===
RCS file: /export/home/cvs/apache/src/mod_include.c,v
retrieving revision 1.44
retrieving revision 1.45
diff -u -r1.44 -r1.45
--- mod_include.c 1997/07/27 01:43:26 1.44
+++ mod_include.c 1997/07/28 08:46:42 1.45
@@ -1728,6 +1728,7 @@
#ifdef DEBUG_INCLUDE
rvputs(r, endif conditional_status=\, *conditional_status ? 1 :
0, \\n, NULL);
#endif
+*printing = 1;
*conditional_status = 1;
return 0;
} else {
@@ -1843,8 +1844,7 @@
continue;
} else if (!strcmp(directive, endif)) {
if (!if_nesting) {
-ret = handle_else(f, r, error, conditional_status,
printing);
-printing = 1;
+ret = handle_endif(f, r, error, conditional_status,
printing);
} else {
if_nesting--;
}
cvs commit: apache/src CHANGES mod_include.c
dgaudet 97/07/20 11:24:28
Modified:src Tag: APACHE_1_2_X CHANGES mod_include.c
Log:
fixup of mod_include logging
Reviewed by: Jim Jagielski, Dean Gaudet
Submitted by: Marc Slemko
PR: 797
Revision ChangesPath
No revision
No revision
1.286.2.30 +3 -0 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.286.2.29
retrieving revision 1.286.2.30
diff -C3 -r1.286.2.29 -r1.286.2.30
*** CHANGES 1997/07/20 18:22:02 1.286.2.29
--- CHANGES 1997/07/20 18:24:24 1.286.2.30
***
*** 1,5
--- 1,8
Changes with Apache 1.2.2
+ *) mod_include would log some bogus values occasionally.
+ [Skip Montanaro [EMAIL PROTECTED], Marc Slemko] PR#797
+
*) PORT: The slack fd changes in 1.2.1 introduced a problem with SIGHUP
under Solaris 2.x (up through 2.5.1). It has been fixed.
[Dean Gaudet] PR#832
1.33.2.4 +40 -36apache/src/mod_include.c
Index: mod_include.c
===
RCS file: /export/home/cvs/apache/src/mod_include.c,v
retrieving revision 1.33.2.3
retrieving revision 1.33.2.4
diff -C3 -r1.33.2.3 -r1.33.2.4
*** mod_include.c 1997/06/28 22:01:42 1.33.2.3
--- mod_include.c 1997/07/20 18:24:25 1.33.2.4
***
*** 458,464
var[vlen] = vtext[vtlen] = '\0';
if (braces == 1) {
if (*in != '}') {
! log_printf(r-server, Invalid variable %s%s,
vtext,in);
*next = '\0';
return;
} else
--- 458,464
var[vlen] = vtext[vtlen] = '\0';
if (braces == 1) {
if (*in != '}') {
! log_printf(r-server, Invalid variable \%s%s\,
vtext,in);
*next = '\0';
return;
} else
***
*** 545,563
char tmp[MAX_STRING_LEN+2];
ap_snprintf(tmp, sizeof(tmp), /%s/, parsed_string);
if (parsed_string[0] == '/' || strstr(tmp, /../) != NULL)
! error_fmt = unable to include file %s in parsed file %s;
else
rr = sub_req_lookup_file (parsed_string, r);
} else
rr = sub_req_lookup_uri (parsed_string, r);
if (!error_fmt rr-status != 200)
! error_fmt = unable to include %s in parsed file %s;
if (!error_fmt noexec rr-content_type
(strncmp (rr-content_type, text/, 5)))
error_fmt =
! unable to include potential exec %s in parsed file %s;
if (error_fmt == NULL)
{
request_rec *p;
--- 545,563
char tmp[MAX_STRING_LEN+2];
ap_snprintf(tmp, sizeof(tmp), /%s/, parsed_string);
if (parsed_string[0] == '/' || strstr(tmp, /../) != NULL)
! error_fmt = unable to include file \%s\ in parsed file
%s;
else
rr = sub_req_lookup_file (parsed_string, r);
} else
rr = sub_req_lookup_uri (parsed_string, r);
if (!error_fmt rr-status != 200)
! error_fmt = unable to include \%s\ in parsed file %s;
if (!error_fmt noexec rr-content_type
(strncmp (rr-content_type, text/, 5)))
error_fmt =
! unable to include potential exec \%s\ in parsed file %s;
if (error_fmt == NULL)
{
request_rec *p;
***
*** 565,575
for (p=r; p != NULL; p=p-main)
if (strcmp(p-filename, rr-filename) == 0) break;
if (p != NULL)
! error_fmt = Recursive include of %s in parsed file %s;
}
if (!error_fmt run_sub_req (rr))
! error_fmt = unable to include %s in parsed file %s;
chdir_file(r-filename);
if (error_fmt) {
--- 565,575
for (p=r; p != NULL; p=p-main)
if (strcmp(p-filename, rr-filename) == 0) break;
if (p != NULL)
! error_fmt = Recursive include of \%s\ in parsed file
%s;
}
if (!error_fmt run_sub_req (rr))
! error_fmt = unable to include \%s\ in parsed file %s;
chdir_file(r-filename);
if (error_fmt) {
cvs commit: apache/src CHANGES mod_include.c
dgaudet 97/06/28 15:01:44
Modified:src Tag: APACHE_1_2_X CHANGES mod_include.c
Log:
PR#644: mod_include trampled on r-args when it shouldn't
Revision ChangesPath
No revision
No revision
1.286.2.16 +3 -0 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.286.2.15
retrieving revision 1.286.2.16
diff -C3 -r1.286.2.15 -r1.286.2.16
*** CHANGES 1997/06/28 22:00:15 1.286.2.15
--- CHANGES 1997/06/28 22:01:41 1.286.2.16
***
*** 20,25
--- 20,28
for the net if we require people that actually need this data to
enable it. [Linus Torvalds]
+ *) QUERY_STRING was unescaped in mod_include, it shouldn't be.
+ [Dean Gaudet] PR#644
+
*) mod_include was not properly changing the current directory.
[Marc Slemko] PR#742
1.33.2.3 +12 -6 apache/src/mod_include.c
Index: mod_include.c
===
RCS file: /export/home/cvs/apache/src/mod_include.c,v
retrieving revision 1.33.2.2
retrieving revision 1.33.2.3
diff -C3 -r1.33.2.2 -r1.33.2.3
*** mod_include.c 1997/06/28 19:50:15 1.33.2.2
--- mod_include.c 1997/06/28 22:01:42 1.33.2.3
***
*** 128,136
else
table_set (e, DOCUMENT_NAME, r-uri);
if (r-args) {
! unescape_url (r-args);
table_set (e, QUERY_STRING_UNESCAPED,
!escape_shell_cmd (r-pool, r-args));
}
}
--- 128,138
else
table_set (e, DOCUMENT_NAME, r-uri);
if (r-args) {
! char *arg_copy = pstrdup (r-pool, r-args);
!
! unescape_url (arg_copy);
table_set (e, QUERY_STRING_UNESCAPED,
!escape_shell_cmd (r-pool, arg_copy));
}
}
***
*** 625,634
}
if (r-args) {
table_set (env, QUERY_STRING, r-args);
! unescape_url (r-args);
table_set (env, QUERY_STRING_UNESCAPED,
!escape_shell_cmd (r-pool, r-args));
}
error_log2stderr (r-server);
--- 627,638
}
if (r-args) {
+ char *arg_copy = pstrdup (r-pool, r-args);
+
table_set (env, QUERY_STRING, r-args);
! unescape_url (arg_copy);
table_set (env, QUERY_STRING_UNESCAPED,
!escape_shell_cmd (r-pool, arg_copy));
}
error_log2stderr (r-server);
***
*** 1666,1675
chdir_file (r-filename);
if (r-args) { /* add QUERY stuff to env cause it ain't yet */
table_set (r-subprocess_env, QUERY_STRING, r-args);
! unescape_url (r-args);
table_set (r-subprocess_env, QUERY_STRING_UNESCAPED,
! escape_shell_cmd (r-pool, r-args));
}
while(1) {
--- 1670,1681
chdir_file (r-filename);
if (r-args) { /* add QUERY stuff to env cause it ain't yet */
+ char *arg_copy = pstrdup (r-pool, r-args);
+
table_set (r-subprocess_env, QUERY_STRING, r-args);
! unescape_url (arg_copy);
table_set (r-subprocess_env, QUERY_STRING_UNESCAPED,
! escape_shell_cmd (r-pool, arg_copy));
}
while(1) {
cvs commit: apache/src CHANGES mod_include.c
fielding97/05/28 21:23:13
Modified:src CHANGES mod_include.c
Log:
If Options Includes and USE_PERL_SSI is defined, allow #perl SSI to
invoke routines governed by mod_perl.
Submitted by: Rob Hartill
Reviewed by: Randy Terbush, Doug MacEachern, Roy Fielding
Revision ChangesPath
1.282 +3 -0 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.281
retrieving revision 1.282
diff -C3 -r1.281 -r1.282
*** CHANGES 1997/05/29 03:44:30 1.281
--- CHANGES 1997/05/29 04:23:11 1.282
***
*** 1,5
--- 1,8
Changes with Apache 1.2
+ *) Added undocumented perl SSI mechanism for -DUSE_PERL_SSI and mod_perl.
+ [Rob Hartill]
+
*) Log correct status code if we timeout before receiving a request (408)
or if we received a request-line that was too long to process (414).
[Ed Korthof and Roy Fielding] PR#601
1.32 +46 -0 apache/src/mod_include.c
Index: mod_include.c
===
RCS file: /export/home/cvs/apache/src/mod_include.c,v
retrieving revision 1.31
retrieving revision 1.32
diff -C3 -r1.31 -r1.32
*** mod_include.c 1997/05/08 13:09:25 1.31
--- mod_include.c 1997/05/29 04:23:12 1.32
***
*** 57,63
--- 57,78
* incorporated into the Apache module framework by rst.
*
*/
+ /*
+ * sub key may be anything a Perl*Handler can be:
+ * subroutine name, package name (defaults to package::handler),
+ * Class-method call or anoymous sub {}
+ *
+ * Child !--#perl sub=sub {print $$} -- accessed
+ * !--#perl sub=sub {print ++$Access::Cnt } -- times. br
+ *
+ * !--#perl arg=one sub=mymod::includer --
+ *
+ * -Doug MacEachern
+ */
+ #ifdef USE_PERL_SSI
+ #include modules/perl/mod_perl.h
+ #else
#include httpd.h
#include http_config.h
#include http_request.h
***
*** 66,71
--- 81,87
#include http_log.h
#include http_main.h
#include util_script.h
+ #endif
#define STARTING_SEQUENCE !--#
#define ENDING_SEQUENCE --
***
*** 710,715
--- 726,757
}
}
}
+ #ifdef USE_PERL_SSI
+ int handle_perl (FILE *in, request_rec *r, char *error) {
+ char tag[MAX_STRING_LEN];
+ char *tag_val;
+ SV *sub = Nullsv;
+ AV *av = newAV();
+
+ if (!(allow_options (r) OPT_INCLUDES)) {
+ log_printf(r-server,
+ httpd: #perl SSI disallowed by IncludesNoExec in %s,
r-filename);
+ return DECLINED;
+ }
+ while(1) {
+ if(!(tag_val = get_tag (r-pool, in, tag, MAX_STRING_LEN, 1)))
+ break;
+ if(strnEQ(tag, sub, 3))
+ sub = newSVpv(tag_val,0);
+ else if(strnEQ(tag, arg, 3))
+ av_push(av, newSVpv(tag_val,0));
+ else if(strnEQ(tag,done, 4))
+ break;
+ }
+ perl_call_handler(sub, r, av);
+ return OK;
+ }
+ #endif
/* error and tf must point to a string with room for at
* least MAX_STRING_LEN characters
***
*** 1674,1679
--- 1716,1725
ret=handle_flastmod(f, r, error, timefmt);
else if(!strcmp(directive,printenv))
ret=handle_printenv(f, r, error);
+ #ifdef USE_PERL_SSI
+ else if(!strcmp(directive,perl))
+ ret=handle_perl(f, r, error);
+ #endif
else {
log_printf(r-server,
httpd: unknown directive %s in parsed doc %s,
cvs commit: apache/src CHANGES mod_include.c
marc97/02/19 00:18:58
Modified:src CHANGES mod_include.c
Log:
Modify mod_include escaping so a '\' only signifies an escaped
character if the next character is one that needs escaping.
Reviewed by: Dean Gaudet, Roy Fielding, Marc Slemko
Submitted by: Ben Laurie
Revision ChangesPath
1.169 +4 -0 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.168
retrieving revision 1.169
diff -C3 -r1.168 -r1.169
*** CHANGES 1997/02/18 14:41:28 1.168
--- CHANGES 1997/02/19 08:18:56 1.169
***
*** 1,5
--- 1,9
Changes with Apache 1.2b7
+ *) Modify mod_include escaping so a '\' only signifies an escaped
+ character if the next character is one that needs
+ escaping. [Ben Laurie]
+
*) Eliminated possible infinite loop in mod_imap when relative URLs are
used with a 'base' directive that does not have a '/' in it.
[Marc Slemko, reported by Onno Witvliet [EMAIL PROTECTED]]
1.24 +4 -1 apache/src/mod_include.c
Index: mod_include.c
===
RCS file: /export/home/cvs/apache/src/mod_include.c,v
retrieving revision 1.23
retrieving revision 1.24
diff -C3 -r1.23 -r1.24
*** mod_include.c 1997/02/17 10:56:19 1.23
--- mod_include.c 1997/02/19 08:18:56 1.24
***
*** 404,410
while ((ch = *in++) != '\0') {
switch(ch) {
case '\\':
! *next++ = (*in != '\0') ? *in++ : '\0';
break;
case '$':
{
--- 404,413
while ((ch = *in++) != '\0') {
switch(ch) {
case '\\':
! if(*in == '$')
! *next++=*in++;
! else
! *next++=ch;
break;
case '$':
{
cvs commit: apache/src CHANGES mod_include.c
fielding97/02/16 21:22:58
Modified:src CHANGES mod_include.c
Log:
Added double-buffering to mod_include to improve performance on
server-side includes.
Submitted by: Marc Slemko
Reviewed by: Roy Fielding, Brian Behlendorf, Dean Gaudet
Revision ChangesPath
1.166 +3 -0 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.165
retrieving revision 1.166
diff -C3 -r1.165 -r1.166
*** CHANGES 1997/02/17 04:52:38 1.165
--- CHANGES 1997/02/17 05:22:56 1.166
***
*** 33,38
--- 33,41
auto initializers, multiple is_matchexp calls on a static string,
and excessive merging of response_code_strings. [Dean Gaudet]
+ *) Added double-buffering to mod_include to improve performance on
+ server-side includes. [Marc Slemko]
+
*) Several fixes for suexec wrapper. [Randy Terbush]
- Make wrapper work for files on NFS filesystem.
- Fix portability problem of MAXPATHLEN.
1.22 +67 -14apache/src/mod_include.c
Index: mod_include.c
===
RCS file: /export/home/cvs/apache/src/mod_include.c,v
retrieving revision 1.21
retrieving revision 1.22
diff -C3 -r1.21 -r1.22
*** mod_include.c 1997/01/20 04:28:13 1.21
--- mod_include.c 1997/02/17 05:22:57 1.22
***
*** 113,156
}
}
! #define GET_CHAR(f,c,r,p) \
{ \
int i = getc(f); \
!if(feof(f) || ferror(f) || (i == -1)) { \
! pfclose(p,f); \
! return r; \
} \
c = (char)i; \
}
- /* --- Parser functions ---
*/
-
- /* G... rputc makes this slow as all-get-out. Elsewhere, it doesn't
- * matter much, but this is an inner loop...
- */
-
int find_string(FILE *in,char *str, request_rec *r, int printing) {
int x,l=strlen(str),p;
char c;
p=0;
while(1) {
! GET_CHAR(in,c,1,r-pool);
if(c == str[p]) {
! if((++p) == l)
return 0;
}
else {
if (printing) {
for(x=0;xp;x++) {
! rputc(str[x],r);
}
! rputc(c,r);
}
p=0;
}
}
}
/*
* decodes a string containing html entities or numeric character
references.
--- 113,209
}
}
!
!
! /* --- Parser functions ---
*/
!
! #define OUTBUFSIZE 4096
! /* PUT_CHAR and FLUSH_BUF currently only work within the scope of
! * find_string(); they are hacks to avoid calling rputc for each and
! * every character output. A common set of buffering calls for this
! * type of output SHOULD be implemented.
! */
! #define PUT_CHAR(c,r) \
! { \
!outbuf[outind++] = c; \
!if (outind == OUTBUFSIZE) { FLUSH_BUF(r) }; \
! }
!
! /* there SHOULD be some error checking on the return value of
! * rwrite, however it is unclear what the API for rwrite returning
! * errors is and little can really be done to help the error in
! * any case.
! */
! #define FLUSH_BUF(r) \
! { \
!rwrite(outbuf, outind, r); \
!outind = 0; \
! }
!
! /*
! * f: file handle being read from
! * c: character to read into
! * ret: return value to use if input fails
! * r: current request_rec
! *
! * This macro is redefined after find_string() for historical reasons
! * to avoid too many code changes. This is one of the many things
! * that should be fixed.
! */
! #define GET_CHAR(f,c,ret,r) \
{ \
int i = getc(f); \
!if(i == EOF) { /* either EOF or error -- needs error handling if latter
*/ \
!if (ferror(f)) \
!fprintf(stderr, encountered error in GET_CHAR macro,
mod_include.\n); \
!FLUSH_BUF(r); \
!pfclose(r-pool,f); \
!return ret; \
} \
c = (char)i; \
}
int find_string(FILE *in,char *str, request_rec *r, int printing) {
int x,l=strlen(str),p;
+ char outbuf[OUTBUFSIZE];
+ int outind = 0;
char c;
p=0;
while(1) {
! GET_CHAR(in,c,1,r);
if(c == str[p]) {
! if((++p) == l) {
! FLUSH_BUF(r);
return 0;
+ }
}
else {
if (printing) {
for(x=0;xp;x++) {
! PUT_CHAR(str[x],r);
}
! PUT_CHAR(c,r);
}
p=0;
}
}
}
+
+
cvs commit: apache/src CHANGES mod_include.c
randy 96/12/24 11:53:06
Modified:src CHANGES mod_include.c
Log:
find_string() dereferences a NULL pointer when printing during an error.
Reviewed by: Chuck Murcko, Randy Terbush
Submitted by: Howard Fear
Revision ChangesPath
1.100 +2 -0 apache/src/CHANGES
Index: CHANGES
===
RCS file: /export/home/cvs/apache/src/CHANGES,v
retrieving revision 1.99
retrieving revision 1.100
diff -C3 -r1.99 -r1.100
*** CHANGES 1996/12/24 19:43:47 1.99
--- CHANGES 1996/12/24 19:53:04 1.100
***
*** 1,5
--- 1,7
Changes with Apache 1.2b3:
+ *) Fix find_string() NULL pointer dereference. [Howard Fear]
+
*) Add set_flag_slot() at the request of Dirk and others.
[Dirk vanGulik]
1.19 +6 -8 apache/src/mod_include.c
Index: mod_include.c
===
RCS file: /export/home/cvs/apache/src/mod_include.c,v
retrieving revision 1.18
retrieving revision 1.19
diff -C3 -r1.18 -r1.19
*** mod_include.c 1996/12/09 04:54:22 1.18
--- mod_include.c 1996/12/24 19:53:04 1.19
***
*** 141,153
return 0;
}
else {
! if(r) {
! if(p) {
! for(x=0;xp;x++) {
! if (printing) rputc(str[x],r);
! }
}
! if (printing) rputc(c,r);
}
p=0;
}
--- 141,151
return 0;
}
else {
! if (printing) {
! for(x=0;xp;x++) {
! rputc(str[x],r);
}
! rputc(c,r);
}
p=0;
}
***
*** 1590,1596
log_printf(r-server,httpd: exec used but not allowed
in %s,
r-filename);
if (printing) rputs(error, r);
! ret = find_string(f,ENDING_SEQUENCE,NULL,printing);
} else
ret=handle_exec(f, r, error);
} else if(!strcmp(directive,config))
--- 1588,1594
log_printf(r-server,httpd: exec used but not allowed
in %s,
r-filename);
if (printing) rputs(error, r);
! ret = find_string(f,ENDING_SEQUENCE,r,0);
} else
ret=handle_exec(f, r, error);
} else if(!strcmp(directive,config))
***
*** 1612,1618
httpd: unknown directive %s in parsed doc %s,
directive,r-filename);
if (printing) rputs(error, r);
! ret=find_string(f,ENDING_SEQUENCE,NULL,printing);
}
if(ret) {
log_printf(r-server,httpd: premature EOF in parsed file
%s,
--- 1610,1616
httpd: unknown directive %s in parsed doc %s,
directive,r-filename);
if (printing) rputs(error, r);
! ret=find_string(f,ENDING_SEQUENCE,r,0);
}
if(ret) {
log_printf(r-server,httpd: premature EOF in parsed file
%s,
