From: Stefan Fritsch <sf@apache.org>
Date: Wed, 13 Jul 2011 19:11:21 +0000 (+0000)
Subject: Add some environment variables to the whitelist in suexec
X-Git-Tag: 2.3.14^2~58
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1039437f77622968e2e0498672828a6d36d2093c;p=thirdparty%2Fapache%2Fhttpd.git

Add some environment variables to the whitelist in suexec

PR: 51499
Submitted by: Graham Laverty <graham reg ca>, Stefan Fritsch


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1146244 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index c0a4bf69412..8273becd575 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,11 @@
 
 Changes with Apache 2.3.14
 
+  *) suexec: Add environment variables CONTEXT_DOCUMENT_ROOT, CONTEXT_PREFIX,
+     REDIRECT_ERROR_NOTES, REDIRECT_SCRIPT_FILENAME, REQUEST_SCHEME to the
+     whitelist in suexec. PR 51499. [Graham Laverty <graham reg ca>,
+     Stefan Fritsch]
+
   *) mod_rewrite: Fix regexp RewriteCond with NoCase. [Stefan Fritsch]
 
   *) mod_log_debug: New module that allows to log custom messages at various
diff --git a/support/suexec.c b/support/suexec.c
index ae17a77fcc6..5d78bcdb852 100644
--- a/support/suexec.c
+++ b/support/suexec.c
@@ -81,6 +81,8 @@ static const char *const safe_env_lst[] =
     "AUTH_TYPE=",
     "CONTENT_LENGTH=",
     "CONTENT_TYPE=",
+    "CONTEXT_DOCUMENT_ROOT=",
+    "CONTEXT_PREFIX=",
     "DATE_GMT=",
     "DATE_LOCAL=",
     "DOCUMENT_NAME=",
@@ -99,13 +101,16 @@ static const char *const safe_env_lst[] =
     "REMOTE_IDENT=",
     "REMOTE_PORT=",
     "REMOTE_USER=",
+    "REDIRECT_ERROR_NOTES=",
     "REDIRECT_HANDLER=",
     "REDIRECT_QUERY_STRING=",
     "REDIRECT_REMOTE_USER=",
+    "REDIRECT_SCRIPT_FILENAME=",
     "REDIRECT_STATUS=",
     "REDIRECT_URL=",
     "REQUEST_METHOD=",
     "REQUEST_URI=",
+    "REQUEST_SCHEME=",
     "SCRIPT_FILENAME=",
     "SCRIPT_NAME=",
     "SCRIPT_URI=",