find_default_item passes an imperfect request_rec to find_item. find_item calls ap_field_noparam with an uninitialized memory pool (r->pool). Though this doesn't matter in practice, since ap_field_noparam simply returns NULL when the 2nd argument is NULL, IMHO this should be fixed. The attached patch makes find_default_item stop creating a request_rec.
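static char *find_item(request_rec *r, apr_array_header_t *list, int path_only)
{
    const char *content_type = ap_field_noparam(r->pool, r->content_type);
[cut]

/*
 * Look up the list entry that applies to a bare file name (bogus_name) when
 * there is no real request to match against.  A throwaway request_rec is
 * filled in with only the fields find_item reads; path_only is set so that
 * only the file-name rules are consulted.
 */
static char *find_default_item(char *bogus_name, apr_array_header_t *list)
{
    request_rec r;
    /* Bleah. I tried to clean up find_item, and it lead to this bit
     * of ugliness. Note that the fields initialized are precisely
     * those that find_item looks at...
     */
    /* find_item hands r.pool to ap_field_noparam unconditionally, so give it
     * a defined value instead of whatever happens to be on the stack.  With
     * content_type NULL, ap_field_noparam returns NULL without using the
     * pool, so NULL is sufficient here. */
    r.pool = NULL;
    r.filename = bogus_name;
    r.content_type = r.content_encoding = NULL;
    return find_item(&r, list, 1);
}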
Index: mod_autoindex.c
===================================================================
--- mod_autoindex.c (revision 710023)
+++ mod_autoindex.c (working copy)
@@ -750,12 +750,9 @@
  int isdir;
 };
 
-static char *find_item(request_rec *r, apr_array_header_t *list, int path_only)
+static char *find_item_core(const char *content_type_noparam, const char *content_encoding,
+ const char *path, apr_array_header_t *list, int path_only)
 {
- const char *content_type = ap_field_noparam(r->pool, r->content_type);
- const char *content_encoding = r->content_encoding;
- char *path = r->filename;
-
  struct item *items = (struct item *) list->elts;
  int i;
 
@@ -775,8 +772,8 @@
  else if (!path_only) {
  if (!content_encoding) {
  if (p->type == BY_TYPE) {
- if (content_type
- && !ap_strcasecmp_match(content_type,
+ if (content_type_noparam
+ && !ap_strcasecmp_match(content_type_noparam,
  p->apply_to)) {
  return p->data;
  }
@@ -796,21 +793,19 @@
  return NULL;
 }
 
+static char *find_item(request_rec *r, apr_array_header_t *list, int path_only)
+{
+ return find_item_core(ap_field_noparam(r->pool, r->content_type), r->content_encoding, r->filename, list, path_only);
+}
+
 #define find_icon(d,p,t) find_item(p,d->icon_list,t)
 #define find_alt(d,p,t) find_item(p,d->alt_list,t)
 #define find_header(d,p) find_item(p,d->hdr_list,0)
 #define find_readme(d,p) find_item(p,d->rdme_list,0)
 
-static char *find_default_item(char *bogus_name, apr_array_header_t *list)
+static char *find_default_item(const char *bogus_name, apr_array_header_t *list)
 {
- request_rec r;
- /* Bleah. I tried to clean up find_item, and it lead to this bit
- * of ugliness. Note that the fields initialized are precisely
- * those that find_item looks at...
- */
- r.filename = bogus_name;
- r.content_type = r.content_encoding = NULL;
- return find_item(&r, list, 1);
+ return find_item_core(NULL, NULL, bogus_name, list, 1);
 }
 
 #define find_default_icon(d,n) find_default_item(n, d->icon_list)
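Review bot: The new find_item_core in the first hunk takes two nullable pointers but nothing says so at the definition, and the only caller that passes NULLs (find_default_item in the third hunk) relies on path_only being non-zero to keep them from being read, which the second hunk shows is the case (`else if (!path_only) { if (!content_encoding) {`) but which is now an implicit contract across three call sites. I would put a short comment above find_item_core stating that content_type_noparam and content_encoding may be NULL, that content_type_noparam is expected to already have had its parameters stripped, and that both are ignored when path_only is non-zero; find_item_core's body continues outside the hunk, so check that no other branch touches them. As a point of style, the single-line body of the new find_item wrapper in the third hunk runs well past 80 columns; splitting it as `return find_item_core(ap_field_noparam(r->pool, r->content_type),` / `r->content_encoding, r->filename, list, path_only);` keeps it within the file's width.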