cvs commit: apache-1.3/src CHANGES
dgaudet 98/08/13 20:00:17 Modified:src CHANGES Log: another helpful pointer Revision ChangesPath 1.1025+1 -1 apache-1.3/src/CHANGES Index: CHANGES === RCS file: /export/home/cvs/apache-1.3/src/CHANGES,v retrieving revision 1.1024 retrieving revision 1.1025 diff -u -r1.1024 -r1.1025 --- CHANGES 1998/08/14 02:49:42 1.1024 +++ CHANGES 1998/08/14 03:00:15 1.1025 @@ -3,7 +3,7 @@ *) Split MODULE_MAGIC_NUMBER into _MAJOR/_MINOR numbers. This should provide a way to trace API changes that add functionality but do not create a compatibility issue for precompiled modules, etc. - [Randy Terbush] + See include/ap_mmn.h for more details. [Randy Terbush] *) Fix suexec installation under `make install root=xxx' situation. [Ralf S. Engelschall]
cvs commit: apache-1.3 STATUS
dgaudet 98/08/13 19:54:21 Modified:.STATUS Log: note about O(n^2) on win32 Revision ChangesPath 1.456 +4 -1 apache-1.3/STATUS Index: STATUS === RCS file: /export/home/cvs/apache-1.3/STATUS,v retrieving revision 1.455 retrieving revision 1.456 diff -u -r1.455 -r1.456 --- STATUS1998/08/06 00:53:22 1.455 +++ STATUS1998/08/14 02:54:20 1.456 @@ -12,11 +12,14 @@ RELEASE SHOWSTOPPERS: -WIN32 1.3.1 RELEASE SHOWSTOPPERS: +WIN32 1.3.2 RELEASE SHOWSTOPPERS: * can not build tarball until someone verifies the final code will build on win32. Want to avoid changes-after-tag that happened with 1.3.0. + +* fix O(n^2) attack in mod_isapi.c ... i.e. recopy the code from + scan_script_headers_err_core. Documentation that needs writing:
cvs commit: apache-1.3/src/modules/standard mod_cern_meta.c
dgaudet 98/08/13 19:49:57 Modified:src CHANGES src/include alloc.h src/main alloc.c http_protocol.c util_script.c src/modules/standard mod_cern_meta.c Log: Add ap_overlap_tables. Fix various O(n^2) attacks using it. Revision ChangesPath 1.1024+3 -1 apache-1.3/src/CHANGES Index: CHANGES === RCS file: /export/home/cvs/apache-1.3/src/CHANGES,v retrieving revision 1.1023 retrieving revision 1.1024 diff -u -r1.1023 -r1.1024 --- CHANGES 1998/08/13 01:54:59 1.1023 +++ CHANGES 1998/08/14 02:49:42 1.1024 @@ -22,7 +22,9 @@ [Jim Jagielski] *) SECURITY: Eliminate O(n^2) space DoS attacks (and other O(n^2) - cpu time attacks) in header parsing. [Dean Gaudet] + cpu time attacks) in header parsing. Add ap_overlap_tables(), + a function which can be used to perform bulk update operations + on tables in a more efficient manner. [Dean Gaudet] *) SECURITY: Added compile-time and configurable limits for various aspects of reading a client request to avoid some simple 1.63 +4 -2 apache-1.3/src/include/alloc.h Index: alloc.h === RCS file: /export/home/cvs/apache-1.3/src/include/alloc.h,v retrieving revision 1.62 retrieving revision 1.63 diff -u -r1.62 -r1.63 --- alloc.h 1998/08/09 17:36:24 1.62 +++ alloc.h 1998/08/14 02:49:45 1.63 @@ -199,7 +199,7 @@ int i; for (i = 0; i < barr->nelts; ++i) { - if (merge) { + if (flags & AP_OVERLAP_TABLES_MERGE) { ap_table_mergen(a, belt[i].key, belt[i].val); } else { @@ -214,7 +214,9 @@ in an ancestor of a's pool. In practice b and a are usually from the same pool. */ -API_EXPORT(void) ap_overlap_tables(table *a, const table *b, int merge); +#define AP_OVERLAP_TABLES_SET(0) +#define AP_OVERLAP_TABLES_MERGE (1) +API_EXPORT(void) ap_overlap_tables(table *a, const table *b, unsigned flags); /* XXX: these know about the definition of struct table in alloc.c. That * definition is not here because it is supposed to be private, and by not 1.99 +157 -0apache-1.3/src/main/alloc.c Index: alloc.c === RCS file: /export/home/cvs/apache-1.3/src/main/alloc.c,v retrieving revision 1.98 retrieving revision 1.99 diff -u -r1.98 -r1.99 --- alloc.c 1998/08/03 09:14:51 1.98 +++ alloc.c 1998/08/14 02:49:47 1.99 @@ -1386,6 +1386,163 @@ va_end(vp); } +/* Curse libc and the fact that it doesn't guarantee a stable sort. We + * have to enforce stability ourselves by using the order field. If it + * provided a stable sort then we wouldn't even need temporary storage to + * do the work below. -djg + * + * ("stable sort" means that equal keys retain their original relative + * ordering in the output.) + */ +typedef struct { +char *key; +char *val; +int order; +} overlap_key; + +static int sort_overlap(const void *va, const void *vb) +{ +const overlap_key *a = va; +const overlap_key *b = vb; +int r; + +r = strcasecmp(a->key, b->key); +if (r) { + return r; +} +return a->order - b->order; +} + +/* prefer to use the stack for temp storage for overlaps smaller than this */ +#ifndef AP_OVERLAP_TABLES_ON_STACK +#define AP_OVERLAP_TABLES_ON_STACK (512) +#endif + +API_EXPORT(void) ap_overlap_tables(table *a, const table *b, unsigned flags) +{ +overlap_key cat_keys_buf[AP_OVERLAP_TABLES_ON_STACK]; +overlap_key *cat_keys; +int nkeys; +table_entry *e; +table_entry *last_e; +overlap_key *left; +overlap_key *right; +overlap_key *last; + +nkeys = a->a.nelts + b->a.nelts; +if (nkeys < AP_OVERLAP_TABLES_ON_STACK) { + cat_keys = cat_keys_buf; +} +else { + /* XXX: could use scratch free space in a or b's pool instead... + * which could save an allocation in b's pool. + */ + cat_keys = ap_palloc(b->a.pool, sizeof(overlap_key) * nkeys); +} + +nkeys = 0; + +/* Create a list of the entries from a concatenated with the entries + * from b. + */ +e = (table_entry *)a->a.elts; +last_e = e + a->a.nelts; +while (e < last_e) { + cat_keys[nkeys].key = e->key; + cat_keys[nkeys].val = e->val; + cat_keys[nkeys].order = nkeys; + ++nkeys; + ++e; +} + +e = (table_entry *)b->a.elts; +last_e = e + b->a.nelts; +while (e < last_e) { + cat_keys[nkeys].key = e->key; + cat_keys[nkeys].val = e->val; + cat_keys[nkeys].order = nkeys;
cvs commit: apache-1.3/src/include ap_mmn.h
dgaudet 98/08/13 19:49:10 Modified:src/include ap_mmn.h Log: ap_log_rerror() certainly wasn't a minor change, it happened before that concept existed. Put its correct entry into the list. Make the minor module number useable... provide a macro that tests the version in a more convenient mannor. Add ap_overlap_tables() (which I'm about to commit). Revision ChangesPath 1.3 +31 -10apache-1.3/src/include/ap_mmn.h Index: ap_mmn.h === RCS file: /export/home/cvs/apache-1.3/src/include/ap_mmn.h,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- ap_mmn.h 1998/08/13 02:51:27 1.2 +++ ap_mmn.h 1998/08/14 02:49:09 1.3 @@ -60,8 +60,17 @@ /* * MODULE_MAGIC_NUMBER_MAJOR - * major API changes that could cause compatibility problems for older modules + * Major API changes that could cause compatibility problems for older modules + * such as structure size changes. No binary compatibility is possible across + * a change in the major version. * + * MODULE_MAGIC_NUMBER_MINOR + * Minor API changes that do not cause binary compatibility problems. + * + * See the MODULE_MAGIC_AT_LEAST macro below for an example. + */ + +/* * 19950525 - original value * 19960512 (1.1b2) - updated, 1.1, version. * 19960526 (1.1b3) - get_token(), table_unset(), pstrndup() @@ -148,24 +157,36 @@ * 3. ap_config.h -> ap_config_auto.h - now merged * 4. compat.h-> ap_compat.h * 5. apctype.h -> ap_ctype.h + * 19980806 (1.3.2-dev) - add ap_log_rerror() * 19980811 (1.3.2-dev) - added limit_req_line, limit_req_fieldsize, and * limit_req_fields to server_rec. * added limit_req_body to core_dir_config and * ap_get_limit_req_body() to get its value. - * 19980812 (1.3.1-dev) - split of MODULE_MAGIC_NUMBER + * 19980812 (1.3.2-dev) - split off MODULE_MAGIC_NUMBER + * 19980812.2 - add ap_overlap_tables() */ -/* - * MODULE_MAGIC_NUMBER_MINOR - * minor API changes that won't cause compatibility problems for older modules - * - * 0001 - Add ap_log_rerror() - */ - #ifndef MODULE_MAGIC_NUMBER_MAJOR #define MODULE_MAGIC_NUMBER_MAJOR 19980812 #endif -#define MODULE_MAGIC_NUMBER_MINOR 0001 +#define MODULE_MAGIC_NUMBER_MINOR 2 #define MODULE_MAGIC_NUMBER MODULE_MAGIC_NUMBER_MAJOR/* backward compat */ + +/* Useful for testing for features. */ +#define MODULE_MAGIC_AT_LEAST(major,minor) \ +((major) > MODULE_MAGIC_NUMBER_MAJOR \ + || ((major) == MODULE_MAGIC_NUMBER_MAJOR\ + && (minor) >= MODULE_MAGIC_NUMBER_MINOR)) + +/* For example, suppose you wish to use the ap_overlap_tables + function. You can do this: + +#if MODULE_MAGIC_AT_LEAST(19980812,2) +... use ap_overlap_tables() +#else +... alternative code which doesn't use ap_overlap_tables() +#endif + +*/ #endif /* !APACHE_AP_MMN_H */