akosut 96/11/28 09:26:30
Modified: src mod_dir.c
Log:
Fix directory indexing so that if an index file encounters an error
that is not 404, it returns that error instead of a directory index.
This was causing unsafe behavior.
Reviewed by: Brian Behlendorf, Aram Mirzadeh, Paul Sutton
Revision Changes Path
1.16 +16 -0 apache/src/mod_dir.c
Index: mod_dir.c
===================================================================
RCS file: /export/home/cvs/apache/src/mod_dir.c,v
retrieving revision 1.15
retrieving revision 1.16
diff -C3 -r1.15 -r1.16
*** mod_dir.c 1996/11/03 20:48:33 1.15
--- mod_dir.c 1996/11/28 17:26:29 1.16
***************
*** 768,773 ****
--- 768,774 ----
(dir_config_rec *)get_module_config (r->per_dir_config, &dir_module);
const char *names_ptr = d->index_names ? d->index_names : DEFAULT_INDEX;
int allow_opts = allow_options (r);
+ int error_notfound = 0;
if (r->uri[0] == '\0' || r->uri[strlen(r->uri)-1] != '/') {
char* ifile;
***************
*** 808,815 ****
--- 809,831 ----
return OK;
}
+ /* If the request returned something other than 404 (or 200),
+ * it means the module encountered some sort of problem. To be
+ * secure, we should return the error, rather than create
+ * along a (possibly unsafe) directory index.
+ *
+ * So we store the error, and if none of the listed files
+ * exist, we return the last error response we got, instead
+ * of a directory listing.
+ */
+ if (rr->status && rr->status != 404 && rr->status != 200)
+ error_notfound = rr->status;
+
destroy_sub_req (rr);
}
+
+ if (error_notfound)
+ return error_notfound;
if (r->method_number != M_GET) return NOT_IMPLEMENTED;
