Am 12.07.2011 18:13, schrieb fua...@apache.org:
Author: fuankg
Date: Tue Jul 12 16:13:28 2011
New Revision: 1145647
URL: http://svn.apache.org/viewvc?rev=1145647&view=rev
Log:
Fixed some more env vars which make problems.
This fix is based on BZ 13029 / 34985, and includes
now the SSL_ and GEOIP_ vars; otherwise its impossible
to run CGIs when mod_ssl and/or mod_geoip are loaded
and those mods return UTF-8 chars in any var during a
request.
Modified:
httpd/httpd/trunk/modules/arch/win32/mod_win32.c
Modified: httpd/httpd/trunk/modules/arch/win32/mod_win32.c
URL:
http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/arch/win32/mod_win32.c?rev=1145647&r1=1145646&r2=1145647&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/arch/win32/mod_win32.c (original)
+++ httpd/httpd/trunk/modules/arch/win32/mod_win32.c Tue Jul 12 16:13:28 2011
@@ -528,9 +528,10 @@ static apr_status_t ap_cgi_build_command
&& (strncmp(elts[i].key, "HTTP_", 5) == 0
|| strncmp(elts[i].key, "SERVER_", 7) == 0
|| strncmp(elts[i].key, "REQUEST_", 8) == 0
- || strcmp(elts[i].key, "QUERY_STRING") == 0
- || strcmp(elts[i].key, "PATH_INFO") == 0
- || strcmp(elts[i].key, "PATH_TRANSLATED") == 0)) {
+ || strncmp(elts[i].key, "PATH_", 5) == 0
+ || strncmp(elts[i].key, "SSL_", 4) == 0
+ || strncmp(elts[i].key, "GEOIP_", 6) == 0
+ || strcmp(elts[i].key, "QUERY_STRING") == 0)) {
prep_string((const char**)&elts[i].val, r->pool);
}
}
Just looked again at this, and instead of adding more and more vars to
this list we should probably do the opposite: just check for those where
we know for sure they will never hold UTF-8 chars like REMOTE_,
GATEWAY_INTERFACE, REQUEST_METHOD, SERVER_ADDR, SERVER_PORT,
SERVER_PROTOCOL, and fixup all others; otherwise this issue will pop up
again sooner or later with other 3rd-party mods like I faced now already
with mod_geoip ...
Comments?
Gün.
