escape the cookie_name before pasting into the regexp.
authorAndré Malo <nd@apache.org>
Tue, 17 Aug 2004 19:57:57 +0000 (19:57 +0000)
committerAndré Malo <nd@apache.org>
Tue, 17 Aug 2004 19:57:57 +0000 (19:57 +0000)
Reviewed by: Jeff Trawick, Justin Erenkrantz

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@104694 13f79535-47bb-0310-9956-ffa450edef68

src/CHANGES
src/modules/standard/mod_usertrack.c

index 916e3dc82a7e080be3942f6c9a9847152cec0e26..1a38a24eceff5b47cc097cf9d207249dc94201f9 100644 (file)
@@ -1,5 +1,8 @@
 Changes with Apache 1.3.32
 
+  *) mod_usertrack: Escape the cookie name before pasting into the
+     regexp.  [André Malo]
+
   *) Win32: Improve error reporting after a failed attempt to spawn a 
      piped log process or rewrite map process.  [Jeff Trawick]
 
index 4e1ffa3ff7c45be70b11c7ffe2b5087d4c82403d..af031479dd918b47bbb3705f5ba02cb2db4222ad 100644 (file)
@@ -253,6 +253,9 @@ static void set_and_comp_regexp(cookie_dir_rec *dcfg,
                                 pool *p,
                                 const char *cookie_name) 
 {
+    int danger_chars = 0;
+    const char *sp = cookie_name;
+
     /*
      * The goal is to end up with this regexp, 
      * ^cookie_name=([^;]+)|;[\t]+cookie_name=([^;]+) 
@@ -260,6 +263,31 @@ static void set_and_comp_regexp(cookie_dir_rec *dcfg,
      * with the real cookie name set by the user in httpd.conf,
      * or with the default COOKIE_NAME.
      */
+
+    /* Anyway, we need to escape the cookie_name before pasting it
+     * into the regex
+     */
+    while (*sp) {
+        if (!ap_isalnum(*sp)) {
+            ++danger_chars;
+        }
+        ++sp;
+    }
+
+    if (danger_chars) {
+        char *cp;
+        cp = ap_palloc(p, sp - cookie_name + danger_chars + 1); /* 1 == \0 */
+        sp = cookie_name;
+        cookie_name = cp;
+        while (*sp) {
+            if (!ap_isalnum(*sp)) {
+                *cp++ = '\\';
+            }
+            *cp++ = *sp++;
+        }
+        *cp = '\0';
+    }
+
     dcfg->regexp_string = ap_pstrcat(p, "^", cookie_name,
                                      "=([^;]+)|;[ \t]+", cookie_name,
                                      "=([^;]+)", NULL);
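Review bot: The second loop's `if (!ap_isalnum(*sp))` puts a backslash before every non-alphanumeric byte, including ordinary characters such as `_` or `-`, and POSIX leaves the meaning of a backslash before an ordinary character undefined. The result is therefore only literal if the regex library in use treats `\_` as a plain `_`; the compile call is outside the hunk, so the library and flags cannot be checked here. I would record that assumption in the comment, e.g. `/* Escape every non-alphanumeric byte; relies on the regex engine treating a backslash before an ordinary character as that literal character. */`. Separately, `cookie_name = cp;` rebinds the parameter to the escaped copy, so any later use in the function body, which continues past this hunk, sees the escaped name. A distinct local such as `escaped_name` passed to `ap_pstrcat` would make that explicit.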