Note: given the role of this function in keeping requests inside the
document root, I've tested this new code against the standard boundary
cases like "/./../foo" and "/foo/../../bar". If anyone has specific
additional test cases or points of concern, though, please let me know.
Thanks,
--Brian
[EMAIL PROTECTED] wrote:
>brianp 01/12/02 16:49:28
>
> Modified: server util.c
> Log:
> Optimization for ap_getparents: skip past all the leading
> characters of the path that aren't '.' rather than copying
> those bytes onto themselves
>
> Revision Changes Path
> 1.118 +7 -4 httpd-2.0/server/util.c
>
> Index: util.c
> ===================================================================
> RCS file: /home/cvs/httpd-2.0/server/util.c,v
> retrieving revision 1.117
> retrieving revision 1.118
> diff -u -r1.117 -r1.118
> --- util.c 2001/12/02 20:38:33 1.117
> +++ util.c 2001/12/03 00:49:28 1.118
> @@ -476,12 +476,15 @@
> */
> AP_DECLARE(void) ap_getparents(char *name)
> {
> - int l, w;
> + char *next;
> + int l, w, first_dot;
>
> /* Four paseses, as per RFC 1808 */
> /* a) remove ./ path segments */
> -
> - for (l = 0, w = 0; name[l] != '\0';) {
> + for (next = name; *next && (*next != '.'); next++) {
> + }
> + l = w = first_dot = next - name;
> + while (name[l] != '\0') {
> if (name[l] == '.' && name[l + 1] == '/' && (l == 0 || name[l - 1] == '/'))
> l += 2;
> else
> @@ -496,7 +499,7 @@
> name[w] = '\0';
>
> /* c) remove all xx/../ segments. (including leading ../ and /../) */
> - l = 0;
> + l = first_dot;
>
> while (name[l] != '\0') {
> if (name[l] == '.' && name[l + 1] == '.' && name[l + 2] == '/' &&
>
>
>
>
