From: Ruediger Pluem Date: Tue, 25 Jul 2006 13:40:32 +0000 (+0000) Subject: * Although the lstat call should rarely ever fail, because we stat'ed the X-Git-Tag: 2.3.0~2217 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=02558746341d4079cb2b6d59d3e2013b6520c099;p=thirdparty%2Fapache%2Fhttpd.git * Although the lstat call should rarely ever fail, because we stat'ed the same file several lines above, check the return value to be save that nothing bad happens in the case it does fail. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@425394 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/server/request.c b/server/request.c index dfcbbe13af7..4948736fa48 100644 --- a/server/request.c +++ b/server/request.c @@ -553,9 +553,22 @@ AP_DECLARE(int) ap_directory_walk(request_rec *r) * check. */ if (!(opts & OPT_SYM_LINKS)) { - apr_stat(&thisinfo, r->filename, - APR_FINFO_MIN | APR_FINFO_NAME | APR_FINFO_LINK, - r->pool); + rv = apr_stat(&thisinfo, r->filename, + APR_FINFO_MIN | APR_FINFO_NAME | APR_FINFO_LINK, + r->pool); + if (rv != APR_SUCCESS) { + /* + * This should never happen, because we did a stat on the + * same file, resolving a possible symlink several lines + * above. Therefore do not make a detailed analysis of rv + * in this case for the reason of the failure, just bail out + * with a HTTP_FORBIDDEN in case we hit a race condition + * here. + */ + ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, + "access to %s failed", r->uri); + return r->status = HTTP_FORBIDDEN; + } if (thisinfo.filetype == APR_LNK) { /* Is this a possibly acceptable symlink? */ if ((res = resolve_symlink(r->filename, &thisinfo,