From: Jim Jagielski <jim@apache.org>
Date: Mon, 14 Jul 2003 18:31:26 +0000 (+0000)
Subject: Add in the rotatelogs fix
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=45f11c06d057efc37b9eb80d7a59878257bdda44;p=thirdparty%2Fapache%2Fhttpd.git

Add in the rotatelogs fix


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3.x@100611 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/src/CHANGES b/src/CHANGES
index 6c56aeb3a46..fefcb687ce5 100644
--- a/src/CHANGES
+++ b/src/CHANGES
@@ -1,5 +1,11 @@
 Changes with Apache 1.3.28
 
+  *) SECURITY: CAN-2003-0460 (cve.mitre.org)
+     Fix the rotatelogs support program on Win32 and OS/2 to ignore
+     special control characters received over the pipe.  Previously
+     such characters could cause it to quit logging and exit.
+     [André Malo]
+
   *) Prevent the server from crashing when entering infinite loops. The
      new LimitInternalRecursion directive configures limits of subsequent
      internal redirects and nested subrequests, after which the request
diff --git a/src/support/rotatelogs.c b/src/support/rotatelogs.c
index 944d14d7a5e..925a85d1763 100644
--- a/src/support/rotatelogs.c
+++ b/src/support/rotatelogs.c
@@ -12,6 +12,10 @@
 #include <errno.h>
 #include <fcntl.h>
 
+#if defined(WIN32) || defined(OS2)
+#include <io.h>
+#endif
+
 #define BUFSIZE        65536
 #define ERRMSGSZ       82
 #ifndef MAX_PATH
@@ -67,6 +71,10 @@ int main (int argc, char **argv)
         exit(6);
     }
 
+#if defined(WIN32) || defined(OS2)
+    setmode(0, O_BINARY);
+#endif
+
     use_strftime = (strstr(szLogRoot, "%") != NULL);
     for (;;) {
         nRead = read(0, buf, sizeof buf);