]> git.ipfire.org Git - thirdparty/apache/httpd.git/commitdiff
projects / thirdparty / apache / httpd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 80f3a18)
expr parse fail should hide conditional content
authorEric Covener <covener@apache.org>
Mon, 1 Jun 2026 17:41:30 +0000 (17:41 +0000)
committerEric Covener <covener@apache.org>
Mon, 1 Jun 2026 17:41:30 +0000 (17:41 +0000)
these are neither true or false, the enclosing content should not
be printed

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1934852 13f79535-47bb-0310-9956-ffa450edef68

changes-entries/includes-error.txt [new file with mode: 0644] patch | blob
modules/filters/mod_include.c patch | blob | blame | history
modules/filters/mod_include.h patch | blob | blame | history

diff --git a/changes-entries/includes-error.txt b/changes-entries/includes-error.txt
new file mode 100644 (file)
index 0000000..07ed59f
--- /dev/null
+++ b/changes-entries/includes-error.txt
@@ -0,0 +1,2 @@
+  *) mod_include: Don't print any of if/elsif/else content when
+     a conditional evaluation returns an error. [Eric Covener]
diff --git a/modules/filters/mod_include.c b/modules/filters/mod_include.c
index 2c0cc67545cfc811bbeebfa329bb060c2c1f0ce9..0333d5c882b09bbbaf4261e5c0da9c67126a5b3f 100644 (file)
--- a/modules/filters/mod_include.c
+++ b/modules/filters/mod_include.c
@@ -2329,6 +2329,8 @@ static apr_status_t handle_if(include_ctx_t *ctx, ap_filter_t *f,
 
     if (ctx->argc != 1) {
         SSI_CREATE_ERROR_BUCKET(ctx, f, bb);
+        ctx->flags &= SSI_FLAG_CLEAR_PRINT_COND;
+        ctx->flags |= SSI_FLAG_COND_ERROR;
         return APR_SUCCESS;
     }
 
@@ -2338,6 +2340,8 @@ static apr_status_t handle_if(include_ctx_t *ctx, ap_filter_t *f,
         ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01354) "unknown parameter \"%s\" "
                       "to tag if in %s", tag, r->filename);
         SSI_CREATE_ERROR_BUCKET(ctx, f, bb);
+        ctx->flags &= SSI_FLAG_CLEAR_PRINT_COND;
+        ctx->flags |= SSI_FLAG_COND_ERROR;
         return APR_SUCCESS;
     }
 
@@ -2345,6 +2349,8 @@ static apr_status_t handle_if(include_ctx_t *ctx, ap_filter_t *f,
         ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01355) "missing expr value for if "
                       "element in %s", r->filename);
         SSI_CREATE_ERROR_BUCKET(ctx, f, bb);
+        ctx->flags &= SSI_FLAG_CLEAR_PRINT_COND;
+        ctx->flags |= SSI_FLAG_COND_ERROR;
         return APR_SUCCESS;
     }
 
@@ -2356,6 +2362,8 @@ static apr_status_t handle_if(include_ctx_t *ctx, ap_filter_t *f,
         expr_ret = parse_ap_expr(ctx, expr, &was_error);
 
     if (was_error) {
+        ctx->flags &= SSI_FLAG_CLEAR_PRINT_COND;
+        ctx->flags |= SSI_FLAG_COND_ERROR;
         SSI_CREATE_ERROR_BUCKET(ctx, f, bb);
         return APR_SUCCESS;
     }
@@ -2401,6 +2409,8 @@ static apr_status_t handle_elif(include_ctx_t *ctx, ap_filter_t *f,
 
     if (ctx->argc != 1) {
         SSI_CREATE_ERROR_BUCKET(ctx, f, bb);
+        ctx->flags &= SSI_FLAG_CLEAR_PRINT_COND;
+        ctx->flags |= SSI_FLAG_COND_ERROR;
         return APR_SUCCESS;
     }
 
@@ -2410,6 +2420,8 @@ static apr_status_t handle_elif(include_ctx_t *ctx, ap_filter_t *f,
         ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01358) "unknown parameter \"%s\" "
                       "to tag if in %s", tag, r->filename);
         SSI_CREATE_ERROR_BUCKET(ctx, f, bb);
+        ctx->flags &= SSI_FLAG_CLEAR_PRINT_COND;
+        ctx->flags |= SSI_FLAG_COND_ERROR;
         return APR_SUCCESS;
     }
 
@@ -2417,6 +2429,8 @@ static apr_status_t handle_elif(include_ctx_t *ctx, ap_filter_t *f,
         ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01359) "missing expr in elif "
                       "statement: %s", r->filename);
         SSI_CREATE_ERROR_BUCKET(ctx, f, bb);
+        ctx->flags &= SSI_FLAG_CLEAR_PRINT_COND;
+        ctx->flags |= SSI_FLAG_COND_ERROR;
         return APR_SUCCESS;
     }
 
@@ -2434,6 +2448,8 @@ static apr_status_t handle_elif(include_ctx_t *ctx, ap_filter_t *f,
         expr_ret = parse_ap_expr(ctx, expr, &was_error);
 
     if (was_error) {
+        ctx->flags &= SSI_FLAG_CLEAR_PRINT_COND;
+        ctx->flags |= SSI_FLAG_COND_ERROR;
         SSI_CREATE_ERROR_BUCKET(ctx, f, bb);
         return APR_SUCCESS;
     }
@@ -2480,6 +2496,11 @@ static apr_status_t handle_else(include_ctx_t *ctx, ap_filter_t *f,
 
     DEBUG_DUMP_COND(ctx, " else");
 
+    /* Don't toggle printing if there was an expression evaluation error */
+    if (ctx->flags & SSI_FLAG_COND_ERROR) {
+        return APR_SUCCESS;
+    }
+
     if (ctx->flags & SSI_FLAG_COND_TRUE) {
         ctx->flags &= SSI_FLAG_CLEAR_PRINTING;
     }
@@ -2519,6 +2540,7 @@ static apr_status_t handle_endif(include_ctx_t *ctx, ap_filter_t *f,
     DEBUG_DUMP_COND(ctx, "endif");
 
     ctx->flags |= (SSI_FLAG_PRINTING | SSI_FLAG_COND_TRUE);
+    ctx->flags &= ~SSI_FLAG_COND_ERROR;
 
     return APR_SUCCESS;
 }
diff --git a/modules/filters/mod_include.h b/modules/filters/mod_include.h
index 73714a298bcb002f1977ce24389daed83948d990..cf969e941d385db5a03ad67e2a397715ab051795 100644 (file)
--- a/modules/filters/mod_include.h
+++ b/modules/filters/mod_include.h
@@ -57,6 +57,7 @@
 #define SSI_FLAG_COND_TRUE        (1<<1)  /* Conditional eval'd to true. */
 #define SSI_FLAG_SIZE_IN_BYTES    (1<<2)  /* Sizes displayed in bytes.   */
 #define SSI_FLAG_NO_EXEC          (1<<3)  /* No Exec in current context. */
+#define SSI_FLAG_COND_ERROR       (1<<4)  /* Conditional evaluation was in error */
 
 #define SSI_FLAG_SIZE_ABBREV      (~(SSI_FLAG_SIZE_IN_BYTES))
 #define SSI_FLAG_CLEAR_PRINT_COND (~((SSI_FLAG_PRINTING) | \
Mirror of https://github.com/apache/httpd.git