* merge fix to mod_speling crash when r->filename is not set
Reviewed by: jerenkrantz, jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@390518
13f79535-47bb-0310-9956-
ffa450edef68
-*- coding: utf-8 -*-
Changes with Apache 2.0.56
-
*) SECURITY: CVE-2005-3357 (cve.mitre.org)
mod_ssl: Fix a possible crash during access control checks if a
ap_escape_html so we escape quotes. Reported by JPCERT.
[Mark Cox]
+ *) mod_speling: Stop crashing with certain non-file requests.
+ [Jeff Trawick]
+
*) keep the Content-Length header for a HEAD with no response body.
PR 18757 [Greg Ames]
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- *) mod_speling: Don't crash if r->filename is unset.
- http://svn.apache.org/viewcvs.cgi?rev=385580&view=rev
- +1: trawick, niq, colm
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ please place SVN revisions from trunk here, so it is easy to
}
/* We've already got a file of some kind or another */
- if (r->proxyreq || (r->finfo.filetype != 0)) {
+ if (r->finfo.filetype != 0) {
+ return DECLINED;
+ }
+
+ /* Not a file request */
+ if (r->proxyreq || !r->filename) {
return DECLINED;
}
projects / thirdparty / apache / httpd.git / commitdiff
