From: Joe Orton Date: Fri, 6 Jun 2025 10:36:00 +0000 (+0000) Subject: * modules/dav/fs/repos.c (dav_fs_remove_resource): X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=39265983d176647fff3c8467a2823244d6f03ee4;p=thirdparty%2Fapache%2Fhttpd.git * modules/dav/fs/repos.c (dav_fs_remove_resource): Return a 404 if apr_file_remove() fails with an ENOENT error, likely due to a race with another DELETE. PR: 60746 Github: closes #535 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1926172 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/changes-entries/pr60746.txt b/changes-entries/pr60746.txt new file mode 100644 index 0000000000..d8401fd73e --- /dev/null +++ b/changes-entries/pr60746.txt @@ -0,0 +1,2 @@ + *) mod_dav_fs: Return a 404 for DELETE if deletion fails because the + resource no longer exists. PR 60746. [Joe Orton] diff --git a/modules/dav/fs/repos.c b/modules/dav/fs/repos.c index 5ef5917758..614154502e 100644 --- a/modules/dav/fs/repos.c +++ b/modules/dav/fs/repos.c @@ -1521,8 +1521,16 @@ static dav_error * dav_fs_remove_resource(dav_resource *resource, /* not a collection; remove the file and its properties */ if ((status = apr_file_remove(info->pathname, info->pool)) != APR_SUCCESS) { - /* ### put a description in here */ - return dav_new_error(info->pool, HTTP_FORBIDDEN, 0, status, NULL); + if (APR_STATUS_IS_ENOENT(status)) { + /* Return a 404 if there is a race with another DELETE, + * per RFC 4918§9.6. */ + return dav_new_error(info->pool, HTTP_NOT_FOUND, 0, status, + "Cannot remove already-removed resource."); + } + else { + return dav_new_error(info->pool, HTTP_FORBIDDEN, 0, status, + "Cannot remove resource"); + } } /* update resource state */