>Number: 3249 >Category: mod_imap >Synopsis: mod_imap not handling whitespace in map files >Confidential: no >Severity: serious >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Mon Oct 19 15:10:01 PDT 1998 >Last-Modified: >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.3.3 >Environment: SunOS:uname -a SunOS yima 5.6 Generic sun4u sparc SUNW,Ultra-1 SunOS:gcc --version 2.7.2.3 SunOS:/usr/local/web/sbin/httpd -V Server version: Apache/1.3.3 (Unix) Server built: Oct 13 1998 09:46:34 Server's Module Magic Number: 19980917:0 Server compiled with.... -D HAVE_MMAP -D USE_MMAP_SCOREBOARD -D USE_MMAP_FILES -D USE_FCNTL_SERIALIZED_ACCEPT -D HTTPD_ROOT="/usr/local/web" -D SUEXEC_BIN="/usr/local/web/sbin/suexec" -D SHARED_CORE_DIR="/usr/local/web/lib" -D DEFAULT_PIDLOG="var/run/httpd.pid" -D DEFAULT_SCOREBOARD="var/run/httpd.scoreboard" -D DEFAULT_LOCKFILE="var/run/httpd.lock" -D DEFAULT_XFERLOG="var/log/access_log" -D DEFAULT_ERRORLOG="var/log/error_log" -D TYPES_CONFIG_FILE="etc/mime.types" -D SERVER_CONFIG_FILE="etc/httpd.conf" -D ACCESS_CONFIG_FILE="etc/access.conf" -D RESOURCE_CONFIG_FILE="etc/srm.conf" >Description: According to the comments around line 680 in src/modules/standard/mod_imap.c ( which were added in mod_imap rev 1.37, after apache_1.3b3 ), it is believed that an earlier call to ap_cfg_getline has compressed down other whitespace within a line to just a single space. But in src/main/util.c, compressing out multiple spaces was taken out at rev 1.127, before apache_1.3.2. >How-To-Repeat: With the following map file, mod_imap will only process the "/status/" link.
rect /status/ 11,6 134,101 rect /info/ 213,1 335,99 I have setup two test servers, one running at http://www.seppuku.net:8000/ using the 1.3.3 version of mod_imap, and another at http://www.seppuku.net:8001/ using mod_imap with the following patch. >Fix: Here is a patch that has seemed to solve the problem for me: *** mod_imap.c-orig Mon Oct 19 09:53:38 1998 --- mod_imap.c Mon Oct 19 12:00:25 1998 *************** *** 692,698 **** } directive = string_pos; ! while (*string_pos && *string_pos != ' ') { /* past directive */ ++string_pos; } if (!*string_pos) { /* need at least two fields */ --- 692,698 ---- } directive = string_pos; ! while (*string_pos && !ap_isspace(*string_pos) ) { /* past directive */ ++string_pos; } if (!*string_pos) { /* need at least two fields */ *************** *** 703,713 **** if (!*string_pos) { /* need at least two fields */ goto need_2_fields; } value = string_pos; ! while (*string_pos && *string_pos != ' ') { /* past value */ ++string_pos; } ! if (*string_pos == ' ') { *string_pos++ = '\0'; } else { --- 703,717 ---- if (!*string_pos) { /* need at least two fields */ goto need_2_fields; } + while(*string_pos && ap_isspace(*string_pos) ) { /* past whitespace */ + ++string_pos; + } + value = string_pos; ! while (*string_pos && !ap_isspace(*string_pos) ) { /* past value */ ++string_pos; } ! if (ap_isspace(*string_pos) ) { *string_pos++ = '\0'; } else { >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include <[EMAIL PROTECTED]> in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ] [If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request ] [from a developer. ] [Reply only with text; DO NOT SEND ATTACHMENTS! ]
