From: Ruediger Pluem Date: Wed, 12 Mar 2014 12:28:03 +0000 (+0000) Subject: Merge r1493330, r1504276, r1552227, r1551714, r1490994, r1172732 from trunk: X-Git-Tag: 2.2.27~8 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f3b070a18bef2c52341db119e02cbc2a174eb25f;p=thirdparty%2Fapache%2Fhttpd.git Merge r1493330, r1504276, r1552227, r1551714, r1490994, r1172732 from trunk: Correct typo in error message Unlikely potential memory leak. Point 12 of PR 54936 Remove syntax which: - is equivalent to - has never been documented - incorrectly checks parameters (!cmd->path should be !cmd->path[0]) - is buggy (! is missing in front of strncasecmp) Avoid sending back uninitialized memory, use 'ftpmessage' in order to have something meaningful instead. Save 8k of stack by the same time. NULL terminate the right buffer Fix issues found by PVS-Studio static analyzer: mod_mime_magic: cut'n'paste error rsl_encoding vs. rsl_separator, also simplify code a bit mod_header: wrong string initialization (leading to segfault if format argument is missing) util_win32: duplicate sizeof (untested; Windows people, please review) PR: 51542 Submitted by: Andrey Karpov , Stefan Fritsch Reviewed by: jailletc36, rpluem, wrowe git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1576709 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index b0f67ad6218..92d65e250ec 100644 --- a/CHANGES +++ b/CHANGES @@ -7,6 +7,15 @@ Changes with Apache 2.2.27 *) mod_proxy_http: Core dumped under high load. PR 50335. [Jan Kaluza ] + *) proxy_util: NULL terminate the right buffer in 'send_http_connect'. + [Christophe Jaillet] + + *) mod_proxy: Remove (never documented) syntax which + is equivalent to . [Christophe Jaillet] + + *) mod_ldap: Fix a potential memory leak or corruption. PR 54936. + [Zhenbo Xu ] + *) mod_rewrite: Add mod_rewrite.h to the headers installed on Windows. PR46679 [Bob Ionescu] diff --git a/STATUS b/STATUS index ccb79bc35bd..5bac6895772 100644 --- a/STATUS +++ b/STATUS @@ -98,30 +98,6 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] - * back port some bugfix that have already been included in 2.4.x. CHANGES has - been upgraded with the corresponding entries. - - Correct typo in error message - - Unlikely potential memory leak. PR 54936 - - Remove syntax which: - - is equivalent to - - has never been documented - - incorrectly checks parameters (!cmd->path should be !cmd->path[0]) - - is buggy (! is missing in front of strncasecmp) - - Avoid sending back uninitialized memory, use 'ftpmessage' in order to have - something meaningful instead. - Save 8k of stack by the same time. - - NULL terminate the right buffer - - mod_header: wrong string initialization (leading to segfault if format argument is missing) - util_win32: duplicate sizeof (untested; Windows people, please review) - trunk patch: http://svn.apache.org/viewvc?view=revision&revision=r1493330 - http://svn.apache.org/viewvc?view=revision&revision=r1504276 - http://svn.apache.org/viewvc?view=revision&revision=r1552227 - http://svn.apache.org/viewvc?view=revision&revision=r1551714 - http://svn.apache.org/viewvc?view=revision&revision=r1490994 - http://svn.apache.org/viewvc?view=revision&revision=r1172732 - 2.2.x patch: http://people.apache.org/~jailletc36/patch_2.2.diff - +1: jailletc36, rpluem, wrowe - * mod_ssl: Do not perform SNI / Host header comparison in case of a forward proxy request. Trunk version of patch: diff --git a/modules/aaa/mod_authnz_ldap.c b/modules/aaa/mod_authnz_ldap.c index 630ca85da74..534c16f788c 100644 --- a/modules/aaa/mod_authnz_ldap.c +++ b/modules/aaa/mod_authnz_ldap.c @@ -1048,7 +1048,7 @@ static const char *mod_auth_ldap_set_deref(cmd_parms *cmd, void *config, const c sec->deref = always; } else { - return "Unrecognized value for AuthLDAPAliasDereference directive"; + return "Unrecognized value for AuthLDAPDereferenceAliases directive"; } return NULL; } diff --git a/modules/ldap/util_ldap_cache.c b/modules/ldap/util_ldap_cache.c index 7ae63be6966..3c8784a340b 100644 --- a/modules/ldap/util_ldap_cache.c +++ b/modules/ldap/util_ldap_cache.c @@ -52,7 +52,7 @@ void *util_ldap_url_node_copy(util_ald_cache_t *cache, void *c) if (node) { if (!(node->url = util_ald_strdup(cache, n->url))) { - util_ald_free(cache, node->url); + util_ald_free(cache, node); return NULL; } node->search_cache = n->search_cache; diff --git a/modules/metadata/mod_headers.c b/modules/metadata/mod_headers.c index 65050b45a18..102292a6708 100644 --- a/modules/metadata/mod_headers.c +++ b/modules/metadata/mod_headers.c @@ -327,7 +327,7 @@ static char *parse_format_tag(apr_pool_t *p, format_tag *tag, const char **sa) return NULL; } - tag->arg = '\0'; + tag->arg = "\0"; /* grab the argument if there is one */ if (*s == '{') { ++s; diff --git a/modules/proxy/mod_proxy.c b/modules/proxy/mod_proxy.c index a72b339095e..0c80e82cb89 100644 --- a/modules/proxy/mod_proxy.c +++ b/modules/proxy/mod_proxy.c @@ -2005,17 +2005,6 @@ static const char *proxysection(cmd_parms *cmd, void *mconfig, const char *arg) return "Regex could not be compiled"; } } - else if (!strcmp(cmd->path, "~")) { - cmd->path = ap_getword_conf(cmd->pool, &arg); - if (!cmd->path) - return " block must specify a path"; - if (strncasecmp(cmd->path, "proxy:", 6)) - cmd->path += 6; - r = ap_pregcomp(cmd->pool, cmd->path, AP_REG_EXTENDED); - if (!r) { - return "Regex could not be compiled"; - } - } /* initialize our config and fetch it */ conf = ap_set_config_vectors(cmd->server, new_dir_conf, cmd->path, diff --git a/modules/proxy/mod_proxy_ftp.c b/modules/proxy/mod_proxy_ftp.c index 489f5ea7b2f..6ad3e9b3385 100644 --- a/modules/proxy/mod_proxy_ftp.c +++ b/modules/proxy/mod_proxy_ftp.c @@ -812,7 +812,6 @@ static int proxy_ftp_handler(request_rec *r, proxy_worker *worker, apr_bucket_brigade *bb = apr_brigade_create(p, c->bucket_alloc); char *buf, *connectname; apr_port_t connectport; - char buffer[MAX_STRING_LEN]; char *ftpmessage = NULL; char *path, *strp, *type_suffix, *cwd = NULL; apr_uri_t uri; @@ -1446,7 +1445,7 @@ static int proxy_ftp_handler(request_rec *r, proxy_worker *worker, "Error reading from remote server"); } if (rc != 200) { - return ftp_proxyerror(r, backend, HTTP_BAD_GATEWAY, buffer); + return ftp_proxyerror(r, backend, HTTP_BAD_GATEWAY, ftpmessage); } /* signal that we must use the EPRT/PORT loop */ diff --git a/modules/proxy/proxy_util.c b/modules/proxy/proxy_util.c index 62e8acd23e8..85d31386e86 100644 --- a/modules/proxy/proxy_util.c +++ b/modules/proxy/proxy_util.c @@ -2329,7 +2329,7 @@ static apr_status_t send_http_connect(proxy_conn_rec *backend, nbytes = sizeof(drain_buffer) - 1; while (status == APR_SUCCESS && nbytes) { status = apr_socket_recv(backend->sock, drain_buffer, &nbytes); - buffer[nbytes] = '\0'; + drain_buffer[nbytes] = '\0'; nbytes = sizeof(drain_buffer) - 1; if (strstr(drain_buffer, "\r\n\r\n") != NULL) { complete = 1; diff --git a/os/win32/util_win32.c b/os/win32/util_win32.c index 3a4038a5d01..86bd419f9fe 100644 --- a/os/win32/util_win32.c +++ b/os/win32/util_win32.c @@ -112,7 +112,7 @@ PSECURITY_ATTRIBUTES GetNullACL(void) PSECURITY_ATTRIBUTES sa; sa = (PSECURITY_ATTRIBUTES) LocalAlloc(LPTR, sizeof(SECURITY_ATTRIBUTES)); - sa->nLength = sizeof(sizeof(SECURITY_ATTRIBUTES)); + sa->nLength = sizeof(SECURITY_ATTRIBUTES); pSD = (PSECURITY_DESCRIPTOR) LocalAlloc(LPTR, SECURITY_DESCRIPTOR_MIN_LENGTH); sa->lpSecurityDescriptor = pSD;