From: Ruediger Pluem Date: Fri, 2 May 2008 20:04:34 +0000 (+0000) Subject: * Do not allow all options of ALL to be set when only a few of them are X-Git-Tag: 2.3.0~675 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f8e9c42a0dfd3cf753ace1de931a92ee390b7083;p=thirdparty%2Fapache%2Fhttpd.git * Do not allow all options of ALL to be set when only a few of them are allowed. PR: 44262 Submitted by: Michał Grzędzicki Reviewed by: rpluem git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@652885 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index 58ca77c3cce..2f6c4245659 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,10 @@ Changes with Apache 2.3.0 [ When backported to 2.2.x, remove entry from this file ] + + *) core: Do not allow Options ALL if not all options are allowed to be + overwritten. PR 44262 [Michał Grzędzicki ] + *) ap_cache_cacheable_headers_out() will (now) always merge an error heaeders _before_ clearing them and _before_ merging in the actual entity headers and doing normal diff --git a/server/core.c b/server/core.c index 3542d8abf57..955a8fe76ed 100644 --- a/server/core.c +++ b/server/core.c @@ -1434,7 +1434,7 @@ static const char *set_options(cmd_parms *cmd, void *d_, const char *l) return apr_pstrcat(cmd->pool, "Illegal option ", w, NULL); } - if (!(cmd->override_opts & opt) && opt != OPT_NONE) { + if ( (cmd->override_opts & opt) != opt ) { return apr_pstrcat(cmd->pool, "Option ", w, " not allowed here", NULL); } else if (action == '-') {