apache2 mod_jk2.c

jean-frederic clere Fri, 12 Mar 2004 05:58:08 -0800

[EMAIL PROTECTED] wrote:

jfclere 2004/03/12 05:47:20

  Modified:    jk/native2/server/apache13 mod_jk2.c
               jk/native2/server/apache2 mod_jk2.c
  Log:
  Fix PR 27627: It was possible to core the httpd process.

Henri fixes the core... But I think we should return 400 otherwise jsp code could be displayed as text.
Someone should take care of jk_dsapi_plugin.c and jk_isapi_plugin.c and do the same.

Note only Apache has been fixed but jk_dsapi_plugin.c and jk_isapi_plugin.c
probably have the same problem.
Revision Changes Path
1.32 +11 -2 jakarta-tomcat-connectors/jk/native2/server/apache13/mod_jk2.c
Index: mod_jk2.c
===================================================================
RCS file: /home/cvs/jakarta-tomcat-connectors/jk/native2/server/apache13/mod_jk2.c,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -r1.31 -r1.32
--- mod_jk2.c 24 Feb 2004 08:44:42 -0000 1.31
+++ mod_jk2.c 12 Mar 2004 13:47:20 -0000 1.32
@@ -573,6 +573,8 @@
jk_uriMap_t *uriMap;
char *name=NULL;
int n;
+ const char *ptr;
+
if(r->proxyreq) {
return DECLINED;
}
@@ -597,8 +599,15 @@
/* get_env() */
env = workerEnv->globalEnv->getEnv( workerEnv->globalEnv );
+ ptr = ap_get_server_name(r);
+ if ( strlen(ptr) > 1024 - 12 ) {
+ /* That is probably an invalid request, DECLINED could display jsp source code. */
+ env->l->jkLog(env, env->l, JK_LOG_DEBUG,
+ "jk2_map_to_storage Host too big %s\n", ptr);
+ return HTTP_BAD_REQUEST;
+ }
uriEnv = workerEnv->uriMap->mapUri(env, workerEnv->uriMap,
- ap_get_server_name(r),
+ ptr,
ap_get_server_port(r),
r->uri);
1.76 +10 -2 jakarta-tomcat-connectors/jk/native2/server/apache2/mod_jk2.c
Index: mod_jk2.c
===================================================================
RCS file: /home/cvs/jakarta-tomcat-connectors/jk/native2/server/apache2/mod_jk2.c,v
retrieving revision 1.75
retrieving revision 1.76
diff -u -r1.75 -r1.76
--- mod_jk2.c 10 Mar 2004 09:39:30 -0000 1.75
+++ mod_jk2.c 12 Mar 2004 13:47:20 -0000 1.76
@@ -810,6 +810,7 @@
{
jk_uriEnv_t *uriEnv;
jk_env_t *env;
+ const char *ptr;
if (r->proxyreq || workerEnv==NULL) {
return DECLINED;
@@ -822,8 +823,15 @@
/* From something like [uri:/examples/STAR] in workers2.properties */
env = workerEnv->globalEnv->getEnv( workerEnv->globalEnv );
+ ptr = ap_get_server_name(r);
+ if ( strlen(ptr) > 1024 - 12 ) {
+ /* That is probably an invalid request, DECLINED could display jsp source code. */
+ env->l->jkLog(env, env->l, JK_LOG_DEBUG, + "jk2_map_to_storage Host too big %s\n", ptr);
+ return HTTP_BAD_REQUEST;
+ }
uriEnv=workerEnv->uriMap->mapUri(env, workerEnv->uriMap,
- ap_get_server_name(r),
+ ptr,
ap_get_server_port(r),
r->uri);
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

signature.asc
Description: OpenPGP digital signature

Re: cvs commit: jakarta-tomcat-connectors/jk/native2/server/apache2 mod_jk2.c

Reply via email to