Module Name:    src
Committed By:   shm
Date:           Fri Nov 21 08:54:12 UTC 2014

Modified Files:
        src/libexec/httpd: bozohttpd.c

Log Message:
Fixed off-by-one in virtualhost processing. Previous code was checking whether the
Host header is a prefix of any existing vhost. This behaviour might be used to
uncover existing virtual hosts from the remote.

OK @mrg


To generate a diff of this commit:
cvs rdiff -u -r1.57 -r1.58 src/libexec/httpd/bozohttpd.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/libexec/httpd/bozohttpd.c
diff -u src/libexec/httpd/bozohttpd.c:1.57 src/libexec/httpd/bozohttpd.c:1.58
--- src/libexec/httpd/bozohttpd.c:1.57	Fri Oct 10 05:10:59 2014
+++ src/libexec/httpd/bozohttpd.c	Fri Nov 21 08:54:12 2014
@@ -1,4 +1,4 @@
-/*	$NetBSD: bozohttpd.c,v 1.57 2014/10/10 05:10:59 mrg Exp $	*/
+/*	$NetBSD: bozohttpd.c,v 1.58 2014/11/21 08:54:12 shm Exp $	*/
 
 /*	$eterna: bozohttpd.c,v 1.178 2011/11/18 09:21:15 mrg Exp $	*/
 
@@ -1093,8 +1093,8 @@ check_virtual(bozo_httpreq_t *request)
 				}
 				debug((httpd, DEBUG_OBESE, "looking at dir``%s''",
 			 	   d->d_name));
-				if (strncasecmp(d->d_name, request->hr_host,
-				    len) == 0) {
+				if (d->d_namlen == len && strcmp(d->d_name,
+				    request->hr_host) == 0) {
 					/* found it, punch it */
 					debug((httpd, DEBUG_OBESE, "found it punch it"));
 					request->hr_virthostname =
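Review bot: The new `strcmp` makes the vhost match case-sensitive where the removed `strncasecmp` was not, so a Host header that differs from the directory name only in letter case would no longer select that virtual host, unless `request->hr_host` is lower-cased before this point, which the hunk does not show. Host names compare case-insensitively, so the exact-length check can stay while the case-insensitive compare is restored: `if (d->d_namlen == len && strcasecmp(d->d_name, request->hr_host) == 0) {`. A short comment above the test, such as `/* exact-length match only: a prefix match lets a client probe for vhost names */`, would record why the length check must not be dropped again. check_virtual's body begins and ends outside the hunk, so this assumes `len` is the length of `request->hr_host`.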
