From 4d74a02ef4b10aaa42ef4ef7a758854e5586fc9f Mon Sep 17 00:00:00 2001
From: dgaudet <dgaudet@unknown>
Date: Sat, 28 Jun 1997 22:01:42 +0000
Subject: [PATCH] PR#644: mod_include trampled on r->args when it shouldn't

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3@78419 13f79535-47bb-0310-9956-ffa450edef68
---
 APACHE_1_2_X/src/CHANGES                       |  3 +++
 .../src/modules/standard/mod_include.c         | 18 ++++++++++++------
 2 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/APACHE_1_2_X/src/CHANGES b/APACHE_1_2_X/src/CHANGES
index b88577e7acc..5888a201ae5 100644
--- a/APACHE_1_2_X/src/CHANGES
+++ b/APACHE_1_2_X/src/CHANGES
@@ -20,6 +20,9 @@ Changes with Apache 1.2.1
      for the net if we require people that actually need this data to
      enable it.  [Linus Torvalds]
 
+  *) QUERY_STRING was unescaped in mod_include, it shouldn't be.
+     [Dean Gaudet] PR#644
+
   *) mod_include was not properly changing the current directory.
      [Marc Slemko] PR#742
 
diff --git a/APACHE_1_2_X/src/modules/standard/mod_include.c b/APACHE_1_2_X/src/modules/standard/mod_include.c
index d38694cd30a..2c2d2ad57e0 100644
--- a/APACHE_1_2_X/src/modules/standard/mod_include.c
+++ b/APACHE_1_2_X/src/modules/standard/mod_include.c
@@ -128,9 +128,11 @@ void add_include_vars(request_rec *r, char *timefmt)
     else
         table_set (e, "DOCUMENT_NAME", r->uri);
     if (r->args) {
-        unescape_url (r->args);
+	char *arg_copy = pstrdup (r->pool, r->args);
+
+        unescape_url (arg_copy);
 	  table_set (e, "QUERY_STRING_UNESCAPED",
-		   escape_shell_cmd (r->pool, r->args));
+		   escape_shell_cmd (r->pool, arg_copy));
     }
 }
 
@@ -625,10 +627,12 @@ void include_cmd_child (void *arg)
     }
 
     if (r->args) {
+	char *arg_copy = pstrdup (r->pool, r->args);
+
         table_set (env, "QUERY_STRING", r->args);
-	unescape_url (r->args);
+	unescape_url (arg_copy);
 	table_set (env, "QUERY_STRING_UNESCAPED",
-		   escape_shell_cmd (r->pool, r->args));
+		   escape_shell_cmd (r->pool, arg_copy));
     }
     
     error_log2stderr (r->server);
@@ -1666,10 +1670,12 @@ void send_parsed_content(FILE *f, request_rec *r)
 
     chdir_file (r->filename);
     if (r->args) { /* add QUERY stuff to env cause it ain't yet */
+	char *arg_copy = pstrdup (r->pool, r->args);
+
         table_set (r->subprocess_env, "QUERY_STRING", r->args);
-        unescape_url (r->args);
+        unescape_url (arg_copy);
         table_set (r->subprocess_env, "QUERY_STRING_UNESCAPED",
-                escape_shell_cmd (r->pool, r->args));
+                escape_shell_cmd (r->pool, arg_copy));
     }
 
     while(1) {
-- 
2.47.2