#define ETAG_BACKWARD (ETAG_MTIME | ETAG_INODE | ETAG_SIZE)
#define ETAG_ALL (ETAG_MTIME | ETAG_INODE | ETAG_SIZE)
+typedef enum {
+ AP_FLAG_UNSET = 0,
+ AP_FLAG_ON = 1,
+ AP_FLAG_OFF = 2
+} ap_flag_e;
+
typedef struct {
/* path of the directory/regex/etc. see also d_is_fnmatch below */
char *d;
etag_components_t etag_add;
etag_components_t etag_remove;
+ /*
+ * Do we allow ISINDEX CGI scripts to pass their query argument as
+ * direct command line parameters or argv elements?
+ */
+ ap_flag_e cgi_command_args;
+
} core_dir_config;
/* Per-server core configuration */
conf->etag_bits &= (~ ETAG_NONE);
}
+ if (new->cgi_command_args != AP_FLAG_UNSET) {
+ conf->cgi_command_args = new->cgi_command_args;
+ }
+
return (void*)conf;
}
}
#endif
+static const char *set_cgi_command_args(cmd_parms *cmd,
+ void *mconfig,
+ int arg)
+{
+ core_dir_config *cfg = (core_dir_config *)mconfig;
+ cfg->cgi_command_args = arg ? AP_FLAG_ON : AP_FLAG_OFF;
+ return NULL;
+}
#ifdef CHARSET_EBCDIC
{ "ScriptInterpreterSource", set_interpreter_source, NULL, OR_FILEINFO, TAKE1,
"Where to find interpreter to run Win32 scripts - Registry or Script (shebang line)" },
#endif
+{ "CGICommandArgs", set_cgi_command_args, NULL, OR_OPTIONS, FLAG,
+ "Allow or Disallow CGI requests to pass args on the command line" },
{ "ServerTokens", set_serv_tokens, NULL, RSRC_CONF, TAKE1,
"Tokens displayed in the Server: header - Min[imal], OS, Prod[uctOnly], Full" },
{ "LimitRequestLine", set_limit_req_line, NULL, RSRC_CONF, TAKE1,
char **env, int shellcmd)
{
int pid = 0;
-#if defined(RLIMIT_CPU) || defined(RLIMIT_NPROC) || \
- defined(RLIMIT_DATA) || defined(RLIMIT_VMEM) || defined (RLIMIT_AS)
-
core_dir_config *conf;
conf = (core_dir_config *) ap_get_module_config(r->per_dir_config,
&core_module);
-#endif
-
#if !defined(WIN32) && !defined(OS2)
/* the fd on r->server->error_log is closed, but we need somewhere to
* put the error messages from the log_* functions. So, we use stderr,
int env_len, e;
char *env_block, *env_block_pos;
- if (r->args && r->args[0] && !strchr(r->args, '='))
+ if ((conf->cgi_command_args != AP_FLAG_OFF)
+ && r->args && r->args[0]
+ && !strchr(r->args, '=')) {
args = r->args;
+ }
program = fopen(r->filename, "rt");
* Look at the arguments...
*/
arguments = "";
- if ((r->args) && (r->args[0]) && !strchr(r->args, '=')) {
+ if ((conf->cgi_command_args != AP_FLAG_OFF)
+ && (r->args) && (r->args[0])
+ && !strchr(r->args, '=')) {
/* If we are in this leg, there are some other arguments
* that we must include in the execution of the CGI.
* Because CreateProcess is the way it is, we have to
NULL, env);
}
- else if ((!r->args) || (!r->args[0]) || strchr(r->args, '=')) {
+ else if ((conf->cgi_command_args == AP_FLAG_OFF)
+ || (!r->args) || (!r->args[0])
+ || strchr(r->args, '=')) {
execle(SUEXEC_BIN, SUEXEC_BIN, execuser, grpname, argv0,
NULL, env);
}
execle(SHELL_PATH, SHELL_PATH, "-c", argv0, NULL, env);
}
- else if ((!r->args) || (!r->args[0]) || strchr(r->args, '=')) {
+ else if ((conf->cgi_command_args == AP_FLAG_OFF)
+ || (!r->args) || (!r->args[0])
+ || strchr(r->args, '=')) {
execle(r->filename, argv0, NULL, env);
}
projects / thirdparty / apache / httpd.git / commitdiff
