chrisd at apache
May 9, 2008, 5:49 PM
Post #1 of 1
(16 views)
Permalink
|
|
svn commit: r654998 - in /httpd/httpd/trunk: CHANGES server/request.c
|
|
Author: chrisd
Date: Fri May 9 17:49:03 2008
New Revision: 654998
URL: http://svn.apache.org/viewvc?rev=654998&view=rev
Log:
When testing for slash-terminated configuration paths in
ap_location_walk(), don't look past the start of an empty string
such as that created by a <Location ""> directive.
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/server/request.c
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=654998&r1=654997&r2=654998&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Fri May 9 17:49:03 2008
@@ -2,6 +2,11 @@
Changes with Apache 2.3.0
[ When backported to 2.2.x, remove entry from this file ]
+ *) core: When testing for slash-terminated configuration paths in
+ ap_location_walk(), don't look past the start of an empty string
+ such as that created by a <Location ""> directive.
+ [Chris Darroch]
+
*) core, mod_proxy: If a kept_body is present, it becomes safe for
subrequests to support message bodies. Make sure that safety
checks within the core and within the proxy are not triggered
Modified: httpd/httpd/trunk/server/request.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/request.c?rev=654998&r1=654997&r2=654998&view=diff
==============================================================================
--- httpd/httpd/trunk/server/request.c (original)
+++ httpd/httpd/trunk/server/request.c Fri May 9 17:49:03 2008
@@ -1315,7 +1315,8 @@
: (entry_core->d_is_fnmatch
? apr_fnmatch(entry_core->d, cache->cached, APR_FNM_PATHNAME)
: (strncmp(entry_core->d, cache->cached, len)
- || (entry_core->d[len - 1] != '/'
+ || (len > 0
+ && entry_core->d[len - 1] != '/'
&& cache->cached[len] != '/'
&& cache->cached[len] != '\0')))) {
continue;
|
