Checkout Tools
  • last updated a few minutes ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Fix crashes when running with debug APR (APR_POOL_DEBUG),

because all pools have NULL allocators then.

This workaround is probably not very efficient,

but is only used when we do APR_POOL_DEBUG

and efficiency shouldn't be a big concern then.

* server/util.c: Make "nul" symbol private.

Provide TEST_CHAR marco in test_char.h

For (internal) usage outside server/util.c, mod_log_forensic for now

and mod_cache (T_HTTP_TOKEN_STOP) in a few...

  1. … 2 more files in changeset.
remove null check

fails in maintainer mode w/ __attribute__(nonnull))

util.c:576:10: error: nonnull parameter 'name' will evaluate to 'true'

on first encounter [-Werror,-Wpointer-bool-conversion]

* Play safe in case we get no name
* Revert r1855741 which committed other stuff as well.
  1. … 2 more files in changeset.
* Play safe in case we get no name

Reverted by r1855742.

  1. … 2 more files in changeset.
Merge consecutive slashes in the URL by default

opt-out w/ `MergeSlashes OFF`.

  1. … 7 more files in changeset.
Follow up to r1847430.

- These flags are not for apr_dir_ function. Clarify comment.

- Initialize 'depth', especially when AP_DIR_FLAG_RECURSIVE is explicitelly required.

- Avoid an harmless over-allocation .

  1. … 2 more files in changeset.
core: Split out the ability to parse wildcard files and directories

from the Include/IncludeOptional directives into a generic set of

functions ap_dir_nofnmatch() and ap_dir_fnmatch().

  1. … 5 more files in changeset.
util_filter: protect ap_filter_t private fields from external (ab)use.

Introduce opaque struct ap_filter_private to move ap_filter_t "pending", "bb"

and "deferred_pool" fields to the "priv" side of things.

This allows to trust values set internally (only!) in util_filter code, and

make useful assertions between the different functions calls, along with the

usual nice extensibility property.

Likewise, the private struct ap_filter_conn_ctx in conn_rec (from r1839997)

allows now to implement the new ap_acquire_brigade() and ap_release_brigade()

functions useful to get a brigade with c->pool's lifetime. They obsolete

ap_reuse_brigade_from_pool() which is replaced where previously used.

Some comments added in ap_request_core_filter() regarding the lifetime of the

data it plays with, up to EOR...

MAJOR bumped (once again).

  1. … 7 more files in changeset.
Fix a cppcheck warning.

'ap_unescape_urlencoded()' suggests that NULL can be passed to 'unescape_url()'.

So avoid a potential 'strchr(NULL, ...)' which is an undefined behavior.

Axe some redundant conditions. PR 62549.

  1. … 5 more files in changeset.
Correct see also comment
core: Add ap_reuse_brigade_from_pool().

Current RETRIEVE_BRIGADE_FROM_POOL macro from "http_request.c" is turned into

a helper and used in ap_request_core_filter().

We will need it in a subsequent commit in "util_filter.c" too.

  1. … 4 more files in changeset.
Save a few cycles.

We already know the length of the string we want to copy, so use 'apr_pstrmemdup()' instead of 'apr_strdup()'.

Follow up to r1609680: further simplify/optimize ap_proxy_strcmp_ematch().

While at it, same treatment for its mother ap_strcmp_match().

  1. … 1 more file in changeset.
Make case insensitive

  1. … 1 more file in changeset.
util.c: add a strict Base64 decoding function

ap_pbase64decode_strict() adds to the functionality of

ap_pbase64decode() in two ways:

- the length of the decoded buffer is returned, allowing embedded NULLs

to be retained by the caller

- the input string is strictly checked for Base64 validity, including

correct zero-padding at the end of the string

(This was originally added to the httpdunit feature/backport branch in

r1796208, then reverted in r1799376, since it's currently intended for

trunk only.)

  1. … 2 more files in changeset.
util.c: ensure all TEST_CHAR loops stop at the null terminator

In the aftermath of CVE-2017-7668, decouple the business logic ("is NULL

a T_HTTP_CTRL") from the postcondition ("must not go past the end of the

string"). The NULL-byte classification in the TEST_CHAR table may change

in the future.

Quiet spurious gcc warning in ap_parse_form_data ("'escaped_char[0]' may be

used uninitialized in this function").

PR61124: ap_parse_form_data() EBCDIC fix

URL-decoding doesn't work on EBCDIC.

Submitted By: Hank Ibell <hwibell gmail.com>

  1. … 1 more file in changeset.
short-circuit on NULL

Submitted By: jchampion

CVEID: CVE-2017-7668

Introduce request taint-checking concept.

  1. … 6 more files in changeset.
When redrawing the parser, ap_get_http_token looked to be useful, but there's

no application for this yet in httpd, so hold off adding this function when

we backport the enhancements. ap_scan_http_token was entirely sufficient.

If the community wants this new function, we can add it when backporting

work is complete.

This patch, and the earlier patches Friday actually demanded an mmn major

bump due to struct member changes. In any final backport, new members must

be added to the end of the struct to retain an mmn minor designation.

  1. … 2 more files in changeset.

Dropped the never-released ap_has_cntrls() as it had very limited

and inefficient application at that, added ap_scan_vchar_obstext()

to accomplish a similar purpose.

Dropped HttpProtocolOptions StrictURL option, this will be better

handled in the future with a specific directive and perhaps multiple

levels of scrutiny, use ap_scan_vchar_obstext() to simply ensure there

are no control characters or whitespace within the URI.

Changed the scanning of the response header table by check_headers()

to follow the same rulesets as reading request headers. Disallow any

CTL character within a response header value, and any CTL or whitespace

in response header field name, even in strict mode.

Apply HttpProtocolOptions Strict to chunk header parsing, invalid

whitespace is invalid, line termination must follow CRLF convention.

  1. … 5 more files in changeset.
Introduce StrictURI|UnsafeURI for RFC3986 enforcement
  1. … 7 more files in changeset.
With NUL as a TOKEN_STOP, this code is more efficient
Introduce ap_scan_http_field_content, ap_scan_http_token

and ap_get_http_token for more efficient string handling.

  1. … 2 more files in changeset.