https://issues.apache.org/bugzilla/show_bug.cgi?id=41867
--- Comment #22 from William A. Rowe Jr. <[email protected]> --- Hopefully, this will help somewhat, clearing the resolved bit. The appropriate patch will track the length of all directory-related path segments for later comparison. This snippet below is just a part of accomplishing this task; --- request.c (revision 1653666) +++ request.c (working copy) @@ -566,6 +566,8 @@ walk_cache_t *cache; char *entry_dir; apr_status_t rv; + apr_size_t dir_len; + char save_ch; int cached; /* XXX: Better (faster) tests needed!!! @@ -1169,6 +1170,9 @@ return r->status = HTTP_FORBIDDEN; } + /* directory-path string length here for DirectoryMatch */ + dir_len = strlen(r->filename); + ++seg; } while (thisinfo.filetype == APR_DIR); the optimizations earlier in the code would cause dir_len to remain unset on subrequests, owing to the fact that we don't 'parse twice' any identical path elements. I just haven't had time to evaluate each of the 'continue'/'break' cases in the intervening code. Provided that the accumulated dir_len is correct, and that we ensure r->filename, at this stage of the game, is allocated one byte longer than the given string, then we can play this quick trick to always compare the path -including- any provided trailing slash against the directorymatch regular expression strings; @@ -1191,10 +1195,17 @@ } } - /* - * Now we'll deal with the regexes, note we pick up sec_idx - * where we left off (we gave up after we hit entry_core->r) + /* Now we'll deal with the DirectoryMatch regex's + * + * First, shorten r->filename to dir_len, plus the trailing + * slash when present */ + save_ch = r->filename[dir_len + 1]; + r->filename[dir_len + 1] = '\0'; + + /* Note we pick up sec_idx where we left off + * (we gave up above once we hit entry_core->r) + */ for (; sec_idx < num_sec; ++sec_idx) { int nmatch = 0; @@ -1216,6 +1227,8 @@ pmatch = apr_palloc(rxpool, nmatch*sizeof(ap_regmatch_t)); } + /* r->filename here has been truncated to the directory path + * component -including- trailing slash if (ap_regexec(entry_core->r, r->filename, nmatch, pmatch, 0)) { continue; } @@ -1268,6 +1281,8 @@ last_walk->matched = sec_ent[sec_idx]; last_walk->merged = now_merged; } + /* Restore filename now that we have processed DirectoryMatch'es */ + r->filename[dir_len + 1] = save_ch; if (rxpool) { apr_pool_destroy(rxpool); I'll come back to this and invite everyone to beat me to completing this patch, and preventing the case described in #1 above. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
