randy 97/01/13 20:10:43
Branch: src RELEASE_1_1_X Modified: src CHANGES http_request.c mod_cookies.c Log: *) Fix a problem introduced by the directory index patch that breaks CGI with PATH_INFO arguments. *) Remove const in storage type declaration for make_cookie(). Reviewed by: Marc Slemko, Sameer Parekh Submitted by: Marc Slemko CS: Reviewed by: Revision Changes Path 1.39.2.3 +7 -0 apache/src/CHANGES Index: CHANGES =================================================================== RCS file: /export/home/cvs/apache/src/CHANGES,v retrieving revision 1.39.2.2 retrieving revision 1.39.2.3 diff -C3 -r1.39.2.2 -r1.39.2.3 *** CHANGES 1997/01/12 00:51:19 1.39.2.2 --- CHANGES 1997/01/14 04:10:38 1.39.2.3 *************** *** 1,3 **** --- 1,10 ---- + Changes with Apache 1.1.3: + + *) Fix a problem introduced by the directory index patch that + breaks CGI with PATH_INFO arguments. + + *) Remove const in storage type declaration for make_cookie(). + Changes with Apache 1.1.2: *) Fix a buffer overflow problem in mod_cookies. Without these 1.11.2.4 +5 -5 apache/src/http_request.c Index: http_request.c =================================================================== RCS file: /export/home/cvs/apache/src/http_request.c,v retrieving revision 1.11.2.3 retrieving revision 1.11.2.4 diff -C3 -r1.11.2.3 -r1.11.2.4 *** http_request.c 1997/01/12 05:17:24 1.11.2.3 --- http_request.c 1997/01/14 04:10:39 1.11.2.4 *************** *** 179,188 **** *cp = '\0'; return OK; } ! #if defined(ENOENT) ! else if (errno == ENOENT) { #else ! #error Your system apparently does not define ENOENT. #error Removal of these lines opens a security hole if protecting #error from directory indexes with DirectoryIndex. else { --- 179,188 ---- *cp = '\0'; return OK; } ! #if defined(ENOENT) && defined(ENOTDIR) ! else if (errno == ENOENT || errno == ENOTDIR) { #else ! #error Your system apparently does not define ENOENT || ENOTDIR. #error Removal of these lines opens a security hole if protecting #error from directory indexes with DirectoryIndex. else { *************** *** 195,203 **** while (cp > path && cp[-1] == '/') --cp; } ! #if defined(ENOENT) else { ! log_printf(r->server, "access to %s failed for client; unable to determine if index file exists (stat() returned unexpected error)", r->filename); return FORBIDDEN; } #endif --- 195,203 ---- while (cp > path && cp[-1] == '/') --cp; } ! #if defined(ENOENT) && defined(ENOTDIR) else { ! log_printf(r->server, "access to %s failed for client; unable to determine if index file exists (stat() returned unexpected error[%d])", r->filename, errno); return FORBIDDEN; } #endif 1.9.2.4 +1 -1 apache/src/Attic/mod_cookies.c Index: mod_cookies.c =================================================================== RCS file: /export/home/cvs/apache/src/Attic/mod_cookies.c,v retrieving revision 1.9.2.3 retrieving revision 1.9.2.4 diff -C3 -r1.9.2.3 -r1.9.2.4 *** mod_cookies.c 1997/01/12 02:05:42 1.9.2.3 --- mod_cookies.c 1997/01/14 04:10:41 1.9.2.4 *************** *** 121,127 **** struct timeval tv; char new_cookie[1024]; /* blurgh */ char *dot; ! const char *rname = pstrdup(r->pool, get_remote_host(r->connection, r->per_dir_config, REMOTE_NAME)); --- 121,127 ---- struct timeval tv; char new_cookie[1024]; /* blurgh */ char *dot; ! char *rname = pstrdup(r->pool, get_remote_host(r->connection, r->per_dir_config, REMOTE_NAME));