VladPolskiy/apache-http-server
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-15 23:27:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix <Limit> and <LimitExcept> parsing to require a closing '>'

Browse Source 
in the initial container.

PR:                25414
Submitted by:	   Geoffrey Young <geoff apache.org>]
Reviewed by:	   Jeff Trawick


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102021 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Jeff Trawick
2003-12-10 22:40:33 +00:00
parent ef4b1b3de7
commit 3efb8f70cc
2 changed files with 21 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES
View File

@ -2,6 +2,10 @@ Changes with Apache 2.1.0-dev
[Remove entries to the current 2.0 section below, when backported]
*) Fix <Limit> and <LimitExcept> parsing to require a closing '>'
in the initial container. PR 25414.
[Geoffrey Young <geoff apache.org>]
*) Fix memory leak in handling of request bodies during reverse
proxy operations. PR 24991. [Larry Toppi <larry.toppi citrix.com>]

27
server/core.c
View File

@ -1552,11 +1552,21 @@ static const char *require(cmd_parms *cmd, void *c_, const char *arg)
return NULL;
}
/*
* Report a missing-'>' syntax error.
*/
static char *unclosed_directive(cmd_parms *cmd)
{
return apr_pstrcat(cmd->pool, cmd->cmd->name,
"> directive missing closing '>'", NULL);
}
AP_CORE_DECLARE_NONSTD(const char *) ap_limit_section(cmd_parms *cmd,
void *dummy,
const char *arg)
{
const char *limited_methods = ap_getword(cmd->pool, &arg, '>');
const char *endp = ap_strrchr_c(arg, '>');
const char *limited_methods;
void *tog = cmd->cmd->cmd_data;
apr_int64_t limited = 0;
const char *errmsg;
@ -1566,6 +1576,12 @@ AP_CORE_DECLARE_NONSTD(const char *) ap_limit_section(cmd_parms *cmd,
return err;
}
if (endp == NULL) {
return unclosed_directive(cmd);
}
limited_methods = apr_pstrndup(cmd->pool, arg, endp - arg);
while (limited_methods[0]) {
char *method = ap_getword_conf(cmd->pool, &limited_methods);
int methnum;
@ -1610,15 +1626,6 @@ AP_CORE_DECLARE_NONSTD(const char *) ap_limit_section(cmd_parms *cmd,
#define USE_ICASE 0
#endif
/*
* Report a missing-'>' syntax error.
*/
static char *unclosed_directive(cmd_parms *cmd)
{
return apr_pstrcat(cmd->pool, cmd->cmd->name,
"> directive missing closing '>'", NULL);
}
static const char *dirsection(cmd_parms *cmd, void *mconfig, const char *arg)
{
const char *errmsg;