Merge r1198940 from trunk resp. r1227280 from 2.2.x:
Fix integer overflow in ap_pregsub. This can be triggered e.g.
with mod_setenvif via a malicious .htaccess
CVE-2011-3607
http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/
Submitted by: sf
Reviewed/backported by: rjung

Revert commit r1392042.
It was voted as backport of r1227280 from 2.2.x,
instead applied was r1198940 from trunk, which
breaks compilation (wrong return type, non-existing
APR macro). The 2.2 revision has these fixed.
Will apply the 2.2 revision next, since the vote
was actually for that one.

*) SECURITY: CVE-2012-0053 (cve.mitre.org)
Fix an issue in error responses that could expose "httpOnly" cookies
when no custom ErrorDocument is specified for status code 400.
[Eric Covener]
r1234837 on 2.0.x:
http://people.apache.org/~trawick/2.0-CVE-2012-0053-r1234837.patch
+1: trawick, rjung, jim

initgroups

SECURITY: CVE-2012-0031 (cve.mitre.org)

Merge r1198940 from trunk:
Fix integer overflow in ap_pregsub. This can be triggered e.g.
with mod_setenvif via a malicious .htaccess
CVE-2011-3607
http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/
Submitted by: sf
Reviewed/backported by: jim

Merge r1179239 from trunk:
SECURITY (CVE-2011-3368): Prevent unintended pattern expansion in some
reverse proxy configurations by strictly validating the request-URI:
* server/protocol.c (read_request_line): Send a 400 response if the
request-URI does not match the grammar from RFC 2616. This ensures
the input string for RewriteRule et al really is an absolute path.
Reviewed by: jim, rjung, jorton

Rename macro to a better name and sync with trunk.
Reviewed by wrowe, rjung.

enabled building gen_test_char for running on build when cross-compiling;
this does not change code for any platform unless CROSS_COMPILE is defined.
Backport of r795971 - reviewed by trawick, rjung.

backport r791454 from 2.2.x branch:
SECURITY: CVE-2009-1891 (cve.mitre.org)
Fix a potential Denial-of-Service attack against mod_deflate or other
modules, by forcing the server to consume CPU time in compressing a
large file after a client disconnects. [Joe Orton, Ruediger Pluem]
Submitted by: jorton, rpluem
Reviewed by: pgollucci, poirier, rjung

Removed a tab and trailing spaces; no code change.
Applied accepted backport 164538.

merge from trunk and 2.2.x:
SECURITY: CVE-2010-0434 (cve.mitre.org)
Ensure each subrequest has a shallow copy of headers_in so that the
parent request headers are not corrupted. Eliminates a problematic
optimization in the case of no request body.
PR: 48359
Submitted by: Jake Scott, William Rowe, Ruediger Pluem
Reviewed by: wrowe, trawick, rpluem

Yes, reverting prematurely applied backport

Add CVE-2010-0434 fix for consideration

httpd-2.2 and -2.0 specific patch to revert to 2.0.55/2.2.0 handling of the
stdout channel; do not close stdout in the parent process or reassign it to
\\Device\Null, but keep it open so that the console signal handler continues
to interact with the running "daemonized" httpd process.
Not committed to httpd-2.x; there is disagreement as to whether this is good
behavior for a daemon, and the proper 2.4(3.0) behavior on Win32 may be to
daemonize but properly handle -k stop by the PID file contents. Many have
asked for this feature who run a minimal httpd.exe, especially from some
removable media such as CD, and wish to be able to halt it as a console.
PR: 44800 (part 3/3)
Submitted by: tdonovan
Backports: r663704

The environment may be manipulated by modules such as mod_perl, so regenerate
the passed env argument on each CreateProcess call.
PR: 44800 (part 2/3)
Submitted by: tdonovan
Backports: r663699

For winnt_mpm console mode, always reset our console handler to be the first,
even on a restart, because some modules (e.g. mod_perl) might have set a console
handler to terminate the process.
PR: 44800 (part 1/3)
Submitted by: tdonovan
Backports: r663669

winnt_mpm: Resolve modperl issues by redirecting console mode stdout
to /Device/Nul as the server is starting up, mirroring unix MPM's.
PR: 43534
Submitted by: Tom Donovan <Tom.Donovan acm.org> and William Rowe
Backports: r609354, r609366

winnt_mpm: Restore Win32DisableAcceptEx On directive and Win9x platform
by recreating the bucket allocator each time the trans pool is cleared.
PR: 11427 #16 (follow-on)
Submitted by: Tom Donovan <Tom.Donovan acm.org>
Backport: r609181

Close the child_exit_event which lives only for the scope
of master_main and was orphaned on each soft or fatal restart.
PR: 40932
Submitted by: Jeff Robbins <jeffr livedata.com>
Backport: r607677

On win32, we must never, never close the parent's copy of the
child's read end for a reliable piped logger. The child runs
and manages its own logs, and even if the parent did instead,
the mpm would be adjusted to pass down the child write ends
without read ends to the pipes, so this forever makes no sense.
Backport: r607666

Fix winnt bucket_alloc to borrow memory from the transaction
pool, instead of exhausting pchild memory over a number of
connections.
PR: 11427
Submitted by: Alex Varju <alex varju.ca>
Backport: r607393

Backport a patch similar to r580433, but similar to the apr-1.2
specific server/log.c r602467, take into account the fact that
apr's flags could not be adjusted.
Backports: 2.2.x branch r607311

Refactor releasing the child processes by eliminating the
time lookup, eliminating the bogus/misimplemented function,
and introducing fairness to release any dead threads before
getting hung up on releasing longer lived threads.
Also pick up the time-to-wait from the server global timeout.
And finally, axe a completely bogus internal helper function.
Backports: r573103, r573105

Correct the approach to std file handles by simplifying the approach
and taking better advantage of apr's now-proper support.
Already verified by Randy Kobes and Tom Donovan
Sync to trunk r580433
Remove existing showstopper

Merge r580437 from trunk:
Share a single write-pipe handle for piped stderr logging, this
prevents an extra logging process from hanging around after the
initial config-phase.
Reviewed by: rpluem, wrowe
Submitted by: wrowe
Reviewed by: jim

Backport applied

server/log.c (log_error_core): For APLOG_DEBUG on Unix, if __FILE__
is an absolute path (as in a VPATH build), just log the basename.
Submitted by: jorton
Backport: r105258
Reviewed by: wrowe, trawick, rpluem
