>Number: 2045
>Category: mod_rewrite
>Synopsis: Two successive tests in mod_rewrite.c are ordered such that
>the second will never happen.
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: apache
>State: open
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Tue Apr 7 15:50:01 PDT 1998
>Last-Modified:
>Originator: [EMAIL PROTECTED]
>Organization:
apache
>Release: 1.2.6, 1.3b5
>Environment:
Any
>Description:
The argument verification for RewriteBase tests to make sure that the
first character is *not* `/', and *then* tests for an empty string.
Those should be reversed, or an empty argument will genrate the "invalid URL"
warning rather than the "empty URL" warning.
>How-To-Repeat:
>Fix:
Trivial patch:
--- mod_rewrite.c.orig Tue Apr 7 17:45:24 1998
+++ mod_rewrite.c Tue Apr 7 17:45:36 1998
@@ -457,10 +457,10 @@
{
if (cmd->path == NULL || dconf == NULL)
return "RewriteBase: only valid in per-directory config files";
- if (a1[0] != '/')
- return "RewriteBase: argument is not a valid URL";
if (a1[0] == '\0')
return "RewriteBase: empty URL not allowed";
+ if (a1[0] != '/')
+ return "RewriteBase: argument is not a valid URL";
dconf->baseurl = pstrdup(cmd->pool, a1);
%0
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <[EMAIL PROTECTED]> in the Cc line ]
[and leave the subject line UNCHANGED. This is not done]
[automatically because of the potential for mail loops. ]
