Module Name: src
Committed By: mrg
Date: Thu Jan 17 07:34:06 UTC 2019
Modified Files:
src/libexec/httpd: CHANGES cgi-bozo.c daemon-bozo.c
Log Message:
- fix CGI '+' param and error handling.
- remove unused parameter to daemon_poll_err().
both from "Rajeev V. Pillai" <rajeev_v_pil...@yahoo.com>
To generate a diff of this commit:
cvs rdiff -u -r1.34 -r1.35 src/libexec/httpd/CHANGES
cvs rdiff -u -r1.45 -r1.46 src/libexec/httpd/cgi-bozo.c
cvs rdiff -u -r1.19 -r1.20 src/libexec/httpd/daemon-bozo.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/libexec/httpd/CHANGES
diff -u src/libexec/httpd/CHANGES:1.34 src/libexec/httpd/CHANGES:1.35
--- src/libexec/httpd/CHANGES:1.34 Wed Dec 19 12:40:32 2018
+++ src/libexec/httpd/CHANGES Thu Jan 17 07:34:06 2019
@@ -1,4 +1,8 @@
-$NetBSD: CHANGES,v 1.34 2018/12/19 12:40:32 mrg Exp $
+$NetBSD: CHANGES,v 1.35 2019/01/17 07:34:06 mrg Exp $
+
+changes in bozohttpd 20190116:
+ o fix CGI '+' parameter handling, and a double free. from
+ rajeev_v_pil...@yahoo.com
changes in bozohttpd 20181215:
o fix .htpasswd bypass for authenticated users. reported by JP,
Index: src/libexec/httpd/cgi-bozo.c
diff -u src/libexec/httpd/cgi-bozo.c:1.45 src/libexec/httpd/cgi-bozo.c:1.46
--- src/libexec/httpd/cgi-bozo.c:1.45 Sat Nov 24 13:03:15 2018
+++ src/libexec/httpd/cgi-bozo.c Thu Jan 17 07:34:06 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: cgi-bozo.c,v 1.45 2018/11/24 13:03:15 christos Exp $ */
+/* $NetBSD: cgi-bozo.c,v 1.46 2019/01/17 07:34:06 mrg Exp $ */
/* $eterna: cgi-bozo.c,v 1.40 2011/11/18 09:21:15 mrg Exp $ */
@@ -241,10 +241,10 @@ parse_search_string(bozo_httpreq_t *requ
args[0] = str;
args[*args_len] = NULL;
- for (s = str, i = 0; (s = strchr(s, '+')) != NULL;) {
+ for (s = str, i = 1; (s = strchr(s, '+')) != NULL; i++) {
*s = '\0';
s++;
- args[i++] = s;
+ args[i] = s;
}
/*
@@ -333,8 +333,7 @@ parse_search_string(bozo_httpreq_t *requ
parse_err:
- free (str);
- free (*args);
+ free(str);
free(args);
*args_len = 0;
@@ -610,9 +609,12 @@ bozo_process_cgi(bozo_httpreq_t *request
closelog();
bozo_daemon_closefds(httpd);
- if (-1 == execve(path, argv, envp))
+ if (-1 == execve(path, argv, envp)) {
+ bozo_http_error(httpd, 404, request,
+ "Cannot execute CGI");
bozoerr(httpd, 1, "child exec failed: %s: %s",
path, strerror(errno));
+ }
/* NOT REACHED */
bozoerr(httpd, 1, "child execve returned?!");
}
Index: src/libexec/httpd/daemon-bozo.c
diff -u src/libexec/httpd/daemon-bozo.c:1.19 src/libexec/httpd/daemon-bozo.c:1.20
--- src/libexec/httpd/daemon-bozo.c:1.19 Thu Nov 22 08:54:08 2018
+++ src/libexec/httpd/daemon-bozo.c Thu Jan 17 07:34:06 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: daemon-bozo.c,v 1.19 2018/11/22 08:54:08 mrg Exp $ */
+/* $NetBSD: daemon-bozo.c,v 1.20 2019/01/17 07:34:06 mrg Exp $ */
/* $eterna: daemon-bozo.c,v 1.24 2011/11/18 09:21:15 mrg Exp $ */
@@ -205,7 +205,7 @@ daemon_runchild(bozohttpd_t *httpd, int
}
static int
-daemon_poll_err(bozohttpd_t *httpd, int fd, int idx)
+daemon_poll_err(bozohttpd_t *httpd, int idx)
{
if ((httpd->fds[idx].revents & (POLLNVAL|POLLERR|POLLHUP)) == 0)
return 0;
@@ -284,7 +284,7 @@ again:
}
for (i = 0; i < httpd->nsock; i++) {
- if (daemon_poll_err(httpd, fd, i))
+ if (daemon_poll_err(httpd, i))
break;
if (httpd->fds[i].revents == 0)
continue;
