From: William A. Rowe Jr Date: Mon, 3 Dec 2007 19:45:48 +0000 (+0000) Subject: http_protocol: Escape request method in 413 error reporting. X-Git-Tag: 2.3.0~1177 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e95d52f53f3c713bba204280d811df5cf5a7eceb;p=thirdparty%2Fapache%2Fhttpd.git http_protocol: Escape request method in 413 error reporting. Determined to be not generally exploitable, but a flaw in any case. PR: 44014 Submitted by: Victor Stinner git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@600645 13f79535-47bb-0310-9956-ffa450edef68
---
diff --git a/CHANGES b/CHANGES
index eb91f13b966..5dbf7957285 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,10 @@ Changes with Apache 2.3.0
 [ When backported to 2.2.x, remove entry from this file ]
+ *) http_protocol: Escape request method in 413 error reporting.
+ Determined to be not generally exploitable, but a flaw in any case.
+ PR 44014 [Victor Stinner ]
+
 *) rotatelogs: Improve atomicity when using -l and cleaup code.
 PR 44004 [Rainer Jung]
diff --git a/modules/http/http_protocol.c b/modules/http/http_protocol.c
index 3d123c9e733..71d1e9d1a63 100644
--- a/modules/http/http_protocol.c
+++ b/modules/http/http_protocol.c
@@ -931,7 +931,7 @@ static const char *get_canned_error_string(int status,
 case HTTP_LENGTH_REQUIRED:
 s1 = apr_pstrcat(p, "

A request of the requested method ",
- r->method,
+ ap_escape_html(r->pool, r->method),
 " requires a valid Content-length.
\n", NULL); return(add_optional_notes(r, s1, "error-notes", "

\n"));
@@ -978,7 +978,7 @@ static const char *get_canned_error_string(int status,
 "The requested resource
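Review bot: The 411 message still appends whatever is stored under `error-notes` through `add_optional_notes(r, s1, "error-notes", ...)` on the hunk's last context line, and nothing in the hunk escapes that value, so escaping `r->method` only closes the injection if every module that stores request-derived text in that note HTML-escapes it first. add_optional_notes's body is outside the hunk, so that it splices the note in verbatim is inferred from the call, not visible here. If that is the contract, it deserves a comment at the call site so the next reader does not assume the escaping added above also covers the note: `/* error-notes is spliced in as-is: request-derived text stored there must already be HTML-escaped */`. The enclosing switch and get_canned_error_string itself begin and end outside the hunk.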
", ap_escape_html(r->pool, r->uri), "
\n", "does not allow request data with ",
- r->method,
+ ap_escape_html(r->pool, r->method),
 " requests, or the amount of data provided in\n" "the request exceeds the capacity limit.\n", NULL));
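Review bot: The escaped copy of `r->method` on the added line is allocated from `r->pool` while the surrounding `apr_pstrcat(p, ...)` assembles the 413 text from `p`; this mirrors the existing `ap_escape_html(r->pool, r->uri)` two lines earlier, so presumably `p` is `r->pool` here, but if `p` can ever be a different pool the fragment should be allocated from it so all pieces of the message share one lifetime: `ap_escape_html(p, r->method)`. With `r->uri` and `r->method` now both escaped in this message, the other cases of get_canned_error_string, which lie outside the hunk, are worth the same check for any request-derived string still concatenated into HTML raw. The enclosing switch and function begin and end outside the hunk.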