* Makefile.in (build/config_vars.out): Rebuild if build/config_vars.sh
has changed.
sort safe_env_lst
bz 64371
mod_optional_hook_import: debug message at APLOG_DEBUG level.
*) de-duplicate ALOGNO from code copy.
ab: apr_base64_encode already NUL-terminate the output.
And returns the length including the trailing \0, so setting it at that
length is off by +1.
* Avoid an overflow on large inputs
PR: 66033
dav_get_liveprop_info() returns a long not an int.
Update the type of global_ns accordingly and update the format specifier when this variable is used in printf like functions.
This also aligns code with dav_core_insert_prop() in modules/dav/main/std_liveprop.c
Length computed by count_string() are accumulated in an apr_size_t, so be more consistent and use this data type also in this function.
Fix some typo
[skip ci]
Fix some typos
[skip ci]
Submitted by: jorton, gbechis, ylavic, icing, ylavic, rpluem, jailletc36, jailletc36, jailletc36, jailletc36
Reviewed by: jailletc36, rpluem, jim
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1903618 13f79535-47bb-0310-9956-
ffa450edef68
fi
# Create a sanitized config_vars.mk
-build/config_vars.out: build/config_vars.mk
+build/config_vars.out: build/config_vars.mk build/config_vars.sh
@$(SHELL) build/config_vars.sh < build/config_vars.mk > build/config_vars.out
install-build: build/config_vars.out
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- *) Easy patches: synch 2.4.x and trunk
- - Makefile.in (build/config_vars.out): Rebuild if build/config_vars.sh has changed
- - suexec: sort the 'safe_env_lst' array
- - mod_optional_hook_import: debug message at APLOG_DEBUG level
- - worker: de-duplicate ALOGNO from code copy
- - ab: tweak usage of apr_base64_encode()
- - core: Avoid an overflow on large inputs in ap_is_matchexp()
- - mod_dav: be more consistent with datatypes
- - mod_log_forensic: be more consistent with datatypes
- - mod_ssl: fix some typo
- - mod_ssl: fix some typo
- trunk patch:
- https://svn.apache.org/r1822857
- https://svn.apache.org/r1876815
- https://svn.apache.org/r1893499
- https://svn.apache.org/r1900024
- https://svn.apache.org/r1900152
- https://svn.apache.org/r1900306
- https://svn.apache.org/r1900559
- https://svn.apache.org/r1900564
- https://svn.apache.org/r1900691
- https://svn.apache.org/r1900694
- 2.4.x patch: svn merge -c 1822857,1876815,1893499,1900024,1900152,1900306,1900559,1900564,1900691,1900694 ^/httpd/httpd/trunk .
- +1: jailletc36, rpluem, jim
-
*) mod_heartmonitor: Allow "HeartbeatMaxServers 0"
to use file based storage instead of slotmem.
Needed after setting HeartbeatMaxServers default
--- /dev/null
+ *) core: Avoid an overflow on large inputs in ap_is_matchexp. PR 66033
+ [Ruediger Pluem]
/**
* Lookup an SSL related variable for the server/connection/request or a global
* value when all those parameters are set to NULL. Pool and name must always be
- * provided and the returned value (if not NULL) will be allocated fromt he pool.
+ * provided and the returned value (if not NULL) will be allocated from the pool.
* @param p The pool to allocate a returned value in, MUST be provided
* @param s The server to inquire a value for, maybe NULL
* @param c The current connection, maybe NULL
/**
* Register to provide certificate/key files for servers. Certificate files are
- * exepcted to contain the certificate chain, beginning with the server's certificate,
+ * expected to contain the certificate chain, beginning with the server's certificate,
* excluding the trust anchor, in PEM format.
* They must be accompanied by a private key file, also in PEM format.
*
const char *s;
apr_pool_t *p = resource->info->pool;
const dav_liveprop_spec *info;
- int global_ns;
+ long global_ns;
/* an HTTP-date can be 29 chars plus a null term */
/* a 64-bit size can be 20 chars plus a null term */
/* DBG3("FS: inserting lp%d:%s (local %d)", ns, scan->name, scan->ns); */
if (what == DAV_PROP_INSERT_VALUE) {
- s = apr_psprintf(p, "<lp%d:%s>%s</lp%d:%s>" DEBUG_CR,
+ s = apr_psprintf(p, "<lp%ld:%s>%s</lp%ld:%s>" DEBUG_CR,
global_ns, info->name, value, global_ns, info->name);
}
else if (what == DAV_PROP_INSERT_NAME) {
- s = apr_psprintf(p, "<lp%d:%s/>" DEBUG_CR, global_ns, info->name);
+ s = apr_psprintf(p, "<lp%ld:%s/>" DEBUG_CR, global_ns, info->name);
}
else {
/* assert: what == DAV_PROP_INSERT_SUPPORTED */
apr_size_t count;
} hlog;
-static int count_string(const char *p)
+static apr_size_t count_string(const char *p)
{
- int n;
+ apr_size_t n;
for (n = 0 ; *p ; ++p, ++n)
if (TEST_CHAR(*p, T_ESCAPE_FORENSIC))
return NULL;
}
#endif
- return apr_pstrcat(cmd->pool, "procotol '", arg1, "' not supported", NULL);
+ return apr_pstrcat(cmd->pool, "protocol '", arg1, "' not supported", NULL);
}
#define SSL_FLAGS_CHECK_FILE \
return NULL;
}
#endif
- return apr_pstrcat(cmd->pool, "procotol '", arg1, "' not supported", NULL);
+ return apr_pstrcat(cmd->pool, "protocol '", arg1, "' not supported", NULL);
}
const char *ssl_cmd_SSLProxyVerify(cmd_parms *cmd,
/*
* Support for external a Crypto Device ("engine"), usually
- * a hardware accellerator card for crypto operations.
+ * a hardware accelerator card for crypto operations.
*/
#if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ENGINE_INIT)
apr_status_t ssl_init_Engine(server_rec *s, apr_pool_t *p)
static int ImportOptionalHookTestHook(const char *szStr)
{
- ap_log_error(APLOG_MARK,APLOG_ERR,OK,NULL, APLOGNO(01866)"Optional hook test said: %s",
- szStr);
+ ap_log_error(APLOG_MARK,APLOG_DEBUG,OK,NULL, APLOGNO(01866)
+ "Optional hook test said: %s", szStr);
return OK;
}
if (++successive_kills >= 3) {
if (successive_kills % 10 == 3) {
ap_log_error(APLOG_MARK, APLOG_WARNING, 0,
- ap_server_conf, APLOGNO(10392)
+ ap_server_conf, APLOGNO(10393)
"children are killed successively!");
}
continue;
AP_DECLARE(int) ap_is_matchexp(const char *str)
{
- int x;
-
- for (x = 0; str[x]; x++)
- if ((str[x] == '*') || (str[x] == '?'))
+ for (; *str; str++)
+ if ((*str == '*') || (*str == '?'))
return 1;
return 0;
}
/* sort out command-line args and call test */
int main(int argc, const char * const argv[])
{
- int l;
char tmp[1024];
apr_status_t status;
apr_getopt_t *opt;
if (apr_base64_encode_len(strlen(opt_arg)) > sizeof(tmp)) {
err("Authentication credentials too long\n");
}
- l = apr_base64_encode(tmp, opt_arg, strlen(opt_arg));
- tmp[l] = '\0';
+ apr_base64_encode(tmp, opt_arg, strlen(opt_arg));
auth = apr_pstrcat(cntxt, auth, "Authorization: Basic ", tmp,
"\r\n", NULL);
if (apr_base64_encode_len(strlen(opt_arg)) > sizeof(tmp)) {
err("Proxy credentials too long\n");
}
- l = apr_base64_encode(tmp, opt_arg, strlen(opt_arg));
- tmp[l] = '\0';
+ apr_base64_encode(tmp, opt_arg, strlen(opt_arg));
auth = apr_pstrcat(cntxt, auth, "Proxy-Authorization: Basic ",
tmp, "\r\n", NULL);
"REDIRECT_STATUS=",
"REDIRECT_URL=",
"REQUEST_METHOD=",
- "REQUEST_URI=",
"REQUEST_SCHEME=",
+ "REQUEST_URI=",
"SCRIPT_FILENAME=",
"SCRIPT_NAME=",
"SCRIPT_URI=",
"SCRIPT_URL=",
+ "SERVER_ADDR=",
"SERVER_ADMIN=",
"SERVER_NAME=",
- "SERVER_ADDR=",
"SERVER_PORT=",
"SERVER_PROTOCOL=",
"SERVER_SIGNATURE=",
projects / thirdparty / apache / httpd.git / commitdiff
