Add in the rotatelogs fix

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@100611 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/src/CHANGES b/src/CHANGES
index 6c56aeb3a468318b5e89bade1ba891dac13477cb..fefcb687ce58541422a7450c0af365838de7b836 100644 (file)
--- a/src/CHANGES
+++ b/src/CHANGES
@@ -1,5 +1,11 @@
 Changes with Apache 1.3.28
 
+  *) SECURITY: CAN-2003-0460 (cve.mitre.org)
+     Fix the rotatelogs support program on Win32 and OS/2 to ignore
+     special control characters received over the pipe.  Previously
+     such characters could cause it to quit logging and exit.
+     [André Malo]
+
   *) Prevent the server from crashing when entering infinite loops. The
      new LimitInternalRecursion directive configures limits of subsequent
      internal redirects and nested subrequests, after which the request

diff --git a/src/support/rotatelogs.c b/src/support/rotatelogs.c
index 944d14d7a5e62bdcd9271e6b1a3bdbd2e001b015..925a85d1763280470ec0d7f8a86b11e071c32998 100644 (file)
--- a/src/support/rotatelogs.c
+++ b/src/support/rotatelogs.c
@@ -12,6 +12,10 @@
 #include <errno.h>
 #include <fcntl.h>
 
+#if defined(WIN32) || defined(OS2)
+#include <io.h>
+#endif
+
 #define BUFSIZE        65536
 #define ERRMSGSZ       82
 #ifndef MAX_PATH
@@ -67,6 +71,10 @@ int main (int argc, char **argv)
         exit(6);
     }
 
+#if defined(WIN32) || defined(OS2)
+    setmode(0, O_BINARY);
+#endif
+
     use_strftime = (strstr(szLogRoot, "%") != NULL);
     for (;;) {
         nRead = read(0, buf, sizeof buf);