From: André Malo Date: Mon, 12 Jan 2004 02:02:11 +0000 (+0000) Subject: cause a lookup failure of external rewrite maps, if the key contains a \n X-Git-Tag: 2.0.49~226 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=da7ab2d8a39bf0eb731b5672c206a419c45306c8;p=thirdparty%2Fapache%2Fhttpd.git cause a lookup failure of external rewrite maps, if the key contains a \n PR: 14453 Reviewed by: Jeff Trawick, Justin Erenkrantz git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/APACHE_2_0_BRANCH@102278 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index 53c56e74367..0e22c85b9f5 100644 --- a/CHANGES +++ b/CHANGES @@ -1,5 +1,9 @@ Changes with Apache 2.0.49 + *) mod_rewrite: In external rewrite maps lookup keys containing + a newline now cause a lookup failure. PR 14453. + [Cedric Gavage , André Malo] + *) Backport major overhaul of mod_include's filter parser from 2.1. The new parser code is expected to be more robust and should catch all of the edge cases that were not handled by the previous one. diff --git a/STATUS b/STATUS index 4febae276a3..367dbacfc77 100644 --- a/STATUS +++ b/STATUS @@ -1,5 +1,5 @@ APACHE 2.0 STATUS: -*-text-*- -Last modified at [$Date: 2004/01/12 00:59:02 $] +Last modified at [$Date: 2004/01/12 02:02:10 $] Release: @@ -270,17 +270,6 @@ PATCHES TO BACKPORT FROM 2.1 else. BTW, clever use of NULL terms (or lack of). ;-) +1: nd, trawick, jerenkrantz - * mod_rewrite: cause a lookup failure in external rewrite maps if - the key contains a newline. PR 14453. (2.0 + 1.3) - modules/mappers/mod_rewrite.c: r1.199 - jerenkrantz: Okay by me, but perhaps we should just escape the \n? - Wouldn't ignoring the rewrite here do something bad tho? - (Am not backporting.) - nd: If the user/admin wants to escape, he can use the internal escape - map. Additionally not escaping \n is (more or less) backwards - compatible, because it always failed (the map got out of sync). - +1: nd, trawick, jerenkrantz - * mod_ssl: fix a link failure when the openssl-engine libraries are present but the engine headers are missing. modules/ssl/mod_ssl.c: r1.87 diff --git a/modules/mappers/mod_rewrite.c b/modules/mappers/mod_rewrite.c index 6fa9f637e3d..30461f38792 100644 --- a/modules/mappers/mod_rewrite.c +++ b/modules/mappers/mod_rewrite.c @@ -3240,11 +3240,16 @@ static char *lookup_map_program(request_rec *r, apr_file_t *fpin, * context then the rewritemap-programs were not spawned. * In this case using such a map (usually in per-dir context) * is useless because it is not available. + * + * newlines in the key leave bytes in the pipe and cause + * bad things to happen (next map lookup will use the chars + * after the \n instead of the new key etc etc - in other words, + * the Rewritemap falls out of sync with the requests). */ - if (fpin == NULL || fpout == NULL) { + if (fpin == NULL || fpout == NULL || ap_strchr(key, '\n')) { return NULL; } - + /* take the lock */ if (rewrite_mapr_lock_acquire) {