Follow up to r1879079: fail early if URI path resolves above root.

author Yann Ylavic <ylavic@apache.org>

Wed, 24 Jun 2020 12:11:08 +0000 (12:11 +0000)

committer Yann Ylavic <ylavic@apache.org>

Wed, 24 Jun 2020 12:11:08 +0000 (12:11 +0000)
author Yann Ylavic <ylavic@apache.org>
Wed, 24 Jun 2020 12:11:08 +0000 (12:11 +0000)
committer Yann Ylavic <ylavic@apache.org>
Wed, 24 Jun 2020 12:11:08 +0000 (12:11 +0000)
diff --git a/server/request.c b/server/request.c

index 4ba347ae40c0d8719da5a21324579d1cfa5e6caa..4d1f4cb11c57a8a1797d24389e4f484a389a2e99 100644 (file)
--- a/server/request.c
+++ b/server/request.c
@@ -192,15 +192,16 @@ AP_DECLARE(int) ap_process_request_internal(request_rec *r)
      int file_req = (r->main && r->filename);
      core_server_config *sconf =
          ap_get_core_module_config(r->server->module_config);
-    unsigned int normalize_flags = 0;
+    unsigned int normalize_flags;
  
+    normalize_flags = AP_NORMALIZE_NOT_ABOVE_ROOT;
+    if (sconf->merge_slashes != AP_CORE_CONFIG_OFF) { 
+        normalize_flags |= AP_NORMALIZE_MERGE_SLASHES;
+    }
      if (file_req) {
          /* File subrequests can have a relative path. */
          normalize_flags |= AP_NORMALIZE_ALLOW_RELATIVE;
      }
-    if (sconf->merge_slashes != AP_CORE_CONFIG_OFF) { 
-        normalize_flags |= AP_NORMALIZE_MERGE_SLASHES;
-    }
  
      if (r->parsed_uri.path) {
          /* Normalize: remove /./ and shrink /../ segments, plus
author	Yann Ylavic <ylavic@apache.org>
	Wed, 24 Jun 2020 12:11:08 +0000 (12:11 +0000)
committer	Yann Ylavic <ylavic@apache.org>
	Wed, 24 Jun 2020 12:11:08 +0000 (12:11 +0000)