From: Joe Orton Date: Wed, 15 Sep 2004 08:26:48 +0000 (+0000) Subject: Backport from HEAD: X-Git-Tag: 2.0.52~52 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ef28a7eb8228f5288199df281175142a8ae8d7f6;p=thirdparty%2Fapache%2Fhttpd.git Backport from HEAD: * modules/dav/fs/lock.c (dav_size_indirect): Fix indirect lock record handling on 64-bit platforms: use correct size of apr_datum_t.dsize field. * modules/dav/fs/lock.c (dav_fs_refresh_locks): Fix SEGV on refresh of indirect lock. PR: 31183 Reviewed by: jerenkrantz, striker git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/APACHE_2_0_BRANCH@105125 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index ee5b0ee8e57..7b39a681b28 100644 --- a/CHANGES +++ b/CHANGES @@ -1,5 +1,9 @@ Changes with Apache 2.0.51 + *) SECURITY: CAN-2004-0809 (cve.mitre.org) + mod_dav_fs: Fix a segfault in the handling of an indirect lock + refresh. PR 31183. [Joe Orton] + *) Add -l option to rotatelogs to let it use local time rather than UTC. PR 24417. [Ken Coar, Uli Zappe ] diff --git a/STATUS b/STATUS index fda0400fba6..3af6281bf3a 100644 --- a/STATUS +++ b/STATUS @@ -1,5 +1,5 @@ APACHE 2.0 STATUS: -*-text-*- -Last modified at [$Date: 2004/09/15 07:58:37 $] +Last modified at [$Date: 2004/09/15 08:26:44 $] Release: @@ -73,18 +73,6 @@ PATCHES TO BACKPORT FROM 2.1 [ please place file names and revisions from HEAD here, so it is easy to identify exactly what the proposed changes are! ] - *) mod_dav_fs: Fix indirect lock record handling on 64-bit platforms. - http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/dav/fs/lock.c?r1=1.31&r2=1.32 - jerenkrantz asks: Won't this break already existing lock DBs? - (Joe comments in msg below they'd already be broken.) - Message-ID: <20040913161345.GD29591@redhat.com> - +1: jorton, jerenkrantz, striker - - *) mod_dav_fs: Fix indirect lock refresh. - http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/dav/fs/lock.c?r1=1.32&r2=1.33 - +1: jorton, jerenkrantz, striker - PR: 31183 (yes, I will do a CHANGES entry too) - *) ap_rgetline_core correctness fix. http://cvs.apache.org/viewcvs.cgi/httpd-2.0/server/protocol.c?r1=1.151&r2=1.152 +1: jorton, jerenkrantz diff --git a/modules/dav/fs/lock.c b/modules/dav/fs/lock.c index a0e47ed3c29..6161bea9656 100644 --- a/modules/dav/fs/lock.c +++ b/modules/dav/fs/lock.c @@ -66,7 +66,7 @@ ** INDIRECT LOCK: [char (DAV_LOCK_INDIRECT), ** apr_uuid_t locktoken, ** time_t expires, -** int key_size, +** apr_size_t key_size, ** char[] key] ** The key is to the collection lock that resulted in this indirect lock */ @@ -157,7 +157,7 @@ typedef struct dav_lock_indirect /* Stored indirect lock info - lock token and apr_datum_t */ #define dav_size_indirect(a) (1 + sizeof(apr_uuid_t) \ + sizeof(time_t) \ - + sizeof(int) + (a)->key.dsize) + + sizeof((a)->key.dsize) + (a)->key.dsize) /* ** The lockdb structure. @@ -1469,13 +1469,13 @@ static dav_error * dav_fs_refresh_locks(dav_lockdb *lockdb, } if (dav_fs_do_refresh(dp_scan, ltl, new_time)) { /* the lock was refreshed. return the lock. */ - newlock = dav_fs_alloc_lock(lockdb, ip->key, dp->locktoken); + newlock = dav_fs_alloc_lock(lockdb, ip->key, dp_scan->locktoken); newlock->is_locknull = !resource->exists; - newlock->scope = dp->f.scope; - newlock->type = dp->f.type; - newlock->depth = dp->f.depth; - newlock->timeout = dp->f.timeout; - newlock->owner = dp->owner; + newlock->scope = dp_scan->f.scope; + newlock->type = dp_scan->f.type; + newlock->depth = dp_scan->f.depth; + newlock->timeout = dp_scan->f.timeout; + newlock->owner = dp_scan->owner; newlock->auth_user = dp_scan->auth_user; newlock->next = *locks;