mturk    2004/03/13 02:36:04

 Modified:  jk/native2/server/isapi jk_isapi_plugin.c
 Log:
 Return 400 - Bad Request if the hostname is longer then 1012 bytes,
 and if port is out of rage [0-65536]
 
 Revision Changes  Path
 1.62   +11 -2   
jakarta-tomcat-connectors/jk/native2/server/isapi/jk_isapi_plugin.c
 
 Index: jk_isapi_plugin.c
 ===================================================================
 RCS file: 
/home/cvs/jakarta-tomcat-connectors/jk/native2/server/isapi/jk_isapi_plugin.c,v
 retrieving revision 1.61
 retrieving revision 1.62
 diff -u -r1.61 -r1.62
 --- jk_isapi_plugin.c 28 Feb 2004 09:01:11 -0000   1.61
 +++ jk_isapi_plugin.c 13 Mar 2004 10:36:04 -0000   1.62
 @@ -270,7 +270,7 @@
  
          rc = jk_requtil_unescapeUrl(uri);
          jk_requtil_getParents(uri);
 -
 +        Host[0] = '\0';
          if (pfc->GetServerVariable(pfc, SERVER_NAME, (LPVOID)Host, 
(LPDWORD)&szHost)){
            if (szHost > 0) {
              Host[szHost-1] = '\0';
 @@ -283,6 +283,14 @@
            }
          }
          nPort = atoi(Port);
 +        if (strlen(Host) > 1012 || nPort < 0 || nPort > 65535) {
 +          env->l->jkLog(env, env->l, JK_LOG_ERROR, 
 +            "HttpFilterProc [%s] contains invalid host or port 
value.\n", 
 +            uri);
 +          write_error_response(pfc,"400 Bad Request", HTML_ERROR_400);
 +          workerEnv->globalEnv->releaseEnv( workerEnv->globalEnv, env );
 +          return SF_STATUS_REQ_FINISHED;
 +        }
          env->l->jkLog(env, env->l, JK_LOG_DEBUG, 
                "In HttpFilterProc Virtual Host redirection of %s : 
%s\n", 
                Host, Port);
 @@ -578,6 +586,7 @@
      rc=(JK_OK == workerEnv->config->setPropertyString( env, workerEnv->config, 
"config.file", worker_file ));
    }
    workerEnv->init(env,workerEnv);
 + 
    env->l->jkLog(env, env->l, JK_LOG_INFO, "Set serverRoot %s\n", server_root);
    if (using_ini_file) {
      env->l->jkLog(env, env->l, JK_LOG_DEBUG, "Using ini file %s.\n", 
ini_file_name);
 
 
 

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to