From 4b67647879c25a41fae98bdcf9950c56c3939d6f Mon Sep 17 00:00:00 2001 From: Ruediger Pluem Date: Fri, 8 Aug 2008 21:25:04 +0000 Subject: [PATCH] Merge r674000 from trunk: * Prevent Header edit from processing only the first header it should edit and deleting the remaining ones by iterating over all headers with the same name. PR: 45333 Submitted by: rpluem Reviewed by: rpluem, niq, mturk git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@684100 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 4 ++++ STATUS | 9 --------- modules/metadata/mod_headers.c | 37 ++++++++++++++++++++++++++++++---- 3 files changed, 37 insertions(+), 13 deletions(-) diff --git a/CHANGES b/CHANGES index bab36c2007d..b43bbd0faef 100644 --- a/CHANGES +++ b/CHANGES @@ -5,6 +5,10 @@ Changes with Apache 2.2.10 mod_proxy_ftp: Prevent XSS attacks when using wildcards in the path of the FTP URL. Discovered by Marc Bevand of Rapid7. [Ruediger Pluem] + *) mod_headers: Prevent Header edit from processing only the first header + of possibly multiple headers with the same name and deleting the + remaining ones. PR 45333. [Ruediger Pluem] + *) mod_proxy_balancer: Move nonce field in the balancer manager page inside the html form where it belongs. PR 45578. [Ruediger Pluem] diff --git a/STATUS b/STATUS index 72021a32fe0..b3d09c269f4 100644 --- a/STATUS +++ b/STATUS @@ -90,15 +90,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK: http://svn.apache.org/viewvc?rev=639010&view=rev (mmn) +1: niq, rpluem, mturk - * mod_headers: Prevent Header edit from processing only the first header it - should edit and deleting the remaining ones by iterating over all headers - with the same name. PR: 45333 - Trunk version of patch: - http://svn.apache.org/viewvc?rev=674000&view=rev - Backport version for 2.2.x of patch: - Trunk version of patch works - +1: rpluem, niq, mturk - PATCHES PROPOSED TO BACKPORT FROM TRUNK: [ New proposals should be added at the end of the list ] 
diff --git a/modules/metadata/mod_headers.c b/modules/metadata/mod_headers.c
index d35c44f14b2..8e748fa9d74 100644
--- a/modules/metadata/mod_headers.c
+++ b/modules/metadata/mod_headers.c
@@ -133,6 +133,13 @@ typedef struct {
 header_entry *hdr;
 } echo_do;

+/* edit_do is used for Header edit to iterate through the request headers */
+typedef struct {
+ apr_pool_t *p;
+ header_entry *hdr;
+ apr_table_t *t;
+} edit_do;
+
 /*
 * headers_conf is our per-module configuration. This is used as both
 * a per-dir and per-server config
@@ -578,6 +585,22 @@ static int echo_header(echo_do *v, const char *key, const char *val)
 return 1;
 }

+static int edit_header(void *v, const char *key, const char *val)
+{
+ edit_do *ed = (edit_do *)v;
+
+ apr_table_addn(ed->t, key, process_regexp(ed->hdr, val, ed->p));
+ return 1;
+}
+
+static int add_them_all(void *v, const char *key, const char *val)
+{
+ apr_table_t *headers = (apr_table_t *)v;
+
+ apr_table_addn(headers, key, val);
+ return 1;
+}
+
 static void do_headers_fixup(request_rec *r, apr_table_t *headers,
 apr_array_header_t *fixup, int early)
 {
@@ -669,10 +692,16 @@ static void do_headers_fixup(request_rec *r, apr_table_t *headers,
 echo_header, (void *) &v, r->headers_in, NULL);
 break;
 case hdr_edit:
- val = apr_table_get(headers, hdr->header);
- if (val != NULL) {
- apr_table_setn(headers, hdr->header,
- process_regexp(hdr, val, r->pool));
+ if (apr_table_get(headers, hdr->header)) {
+ edit_do ed;
+
+ ed.p = r->pool;
+ ed.hdr = hdr;
+ ed.t = apr_table_make(r->pool, 5);
+ apr_table_do(edit_header, (void *) &ed, headers, hdr->header,
+ NULL);
+ apr_table_unset(headers, hdr->header);
+ apr_table_do(add_them_all, (void *) headers, ed.t, NULL);
 }
 break;
 }
-- 
2.47.2
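Review bot: `edit_header` and `add_them_all` (second hunk of mod_headers.c) have no comment, and both use `apr_table_addn`, which stores the key and value pointers without copying them. I would add above `edit_header` something like `/* apr_table_do callback: add the edited value of one matching header to ed->t; returns 1 so the walk continues over all of them */`, and a matching line above `add_them_all`. The value stored by `edit_header` is whatever `process_regexp` returns, and that function is defined outside this hunk; it is worth confirming that it never returns NULL and that its result lives at least as long as `ed->p`, since the pointer is kept as-is.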
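Review bot: The new `hdr_edit` branch (third hunk) does not say why the edited values go through the scratch table `ed.t` rather than being written back from inside the callback. A one-line comment such as `/* collect edits in a scratch table: headers must not change while apr_table_do() walks it */` would keep a later cleanup from merging the two passes. The unset-then-re-add sequence also appends every edited header at the end of `headers`, so its position relative to other header names changes; that is worth stating in the same comment. The literal `5` passed to `apr_table_make` is only an initial size hint and could be given a name. `do_headers_fixup` starts and ends outside this hunk.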