core/util_script: relax alphanumeric filter of enviroment variable names

[apache] / server / util_script.c

diff --git a/server/util_script.c b/server/util_script.c
index ca246dac67953261bac6e3f41c8c38836d9213ac..4ec4bb58c0b4b017df7aaf7ee29ee133d7432362 100644 (file)
--- a/server/util_script.c
+++ b/server/util_script.c
@@ -73,9 +73,10 @@ static char *http2env(request_rec *r, const char *w)
             *cp++ = '_';
         }
         else {
-            ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r,
-                          "Not exporting header with invalid name as envvar: %s",
-                          ap_escape_logitem(r->pool, w));
+            if (APLOGrtrace1(r))
+                ap_log_rerror(APLOG_MARK, APLOG_TRACE1, 0, r,
+                            "Not exporting header with invalid name as envvar: %s",
+                            ap_escape_logitem(r->pool, w));
             return NULL;
         }
     }
@@ -122,7 +123,11 @@ AP_DECLARE(char **) ap_create_environment(apr_pool_t *p, apr_table_t *t)
             *whack++ = '_';
         }
         while (*whack != '=') {
-            if (!apr_isalnum(*whack) && *whack != '_') {
+#ifdef WIN32
+            if (!apr_isalnum(*whack) && *whack != '(' && *whack != ')') {
+#else
+            if (!apr_isalnum(*whack)) {
+#endif
                 *whack = '_';
             }
             ++whack;
@@ -139,6 +144,8 @@ AP_DECLARE(void) ap_add_common_vars(request_rec *r)
     apr_table_t *e;
     server_rec *s = r->server;
     conn_rec *c = r->connection;
+    core_dir_config *conf =
+        (core_dir_config *)ap_get_core_module_config(r->per_dir_config);
     const char *env_temp;
     const apr_array_header_t *hdrs_arr = apr_table_elts(r->headers_in);
     const apr_table_entry_t *hdrs = (const apr_table_entry_t *) hdrs_arr->elts;
@@ -187,7 +194,9 @@ AP_DECLARE(void) ap_add_common_vars(request_rec *r)
 #ifndef SECURITY_HOLE_PASS_AUTHORIZATION
         else if (!strcasecmp(hdrs[i].key, "Authorization")
                  || !strcasecmp(hdrs[i].key, "Proxy-Authorization")) {
-            continue;
+            if (conf->cgi_pass_auth == AP_CGI_PASS_AUTH_ON) {
+                add_unless_null(e, http2env(r, hdrs[i].key), hdrs[i].val);
+            }
         }
 #endif
         else
@@ -277,12 +286,25 @@ AP_DECLARE(void) ap_add_common_vars(request_rec *r)
     /* Apache custom error responses. If we have redirected set two new vars */
 
     if (r->prev) {
+        /* PR#57785: reconstruct full URL here */
+        apr_uri_t *uri = &r->prev->parsed_uri;
+        if (!uri->scheme) {
+            uri->scheme = (char*)ap_http_scheme(r->prev);
+        }
+        if (!uri->port) {
+            uri->port = ap_get_server_port(r->prev);
+            uri->port_str = apr_psprintf(r->pool, "%u", uri->port);
+        }
+        if (!uri->hostname) {
+            uri->hostname = (char*)ap_get_server_name_for_url(r->prev);
+        }
         add_unless_null(e, "REDIRECT_QUERY_STRING", r->prev->args);
-        add_unless_null(e, "REDIRECT_URL", r->prev->uri);
+        add_unless_null(e, "REDIRECT_URL",
+                        apr_uri_unparse(r->pool, uri, 0));
     }
 
     if (e != r->subprocess_env) {
-      apr_table_overlap(r->subprocess_env, e, APR_OVERLAP_TABLES_SET);
+        apr_table_overlap(r->subprocess_env, e, APR_OVERLAP_TABLES_SET);
     }
 }
 
@@ -542,7 +564,8 @@ AP_DECLARE(int) ap_scan_script_header_err_core_ex(request_rec *r, char *buffer,
             }
             if (maybeASCII > maybeEBCDIC) {
                 ap_log_error(SCRIPT_LOG_MARK, APLOG_ERR, 0, r->server,
-                             "CGI Interface Error: Script headers apparently ASCII: (CGI = %s)",
+                             APLOGNO(02660) "CGI Interface Error: "
+                             "Script headers apparently ASCII: (CGI = %s)",
                              r->filename);
                 inbytes_left = outbytes_left = cp - w;
                 apr_xlate_conv_buffer(ap_hdrs_from_ascii,
@@ -565,7 +588,7 @@ AP_DECLARE(int) ap_scan_script_header_err_core_ex(request_rec *r, char *buffer,
         }
 
         *l++ = '\0';
-        while (*l && apr_isspace(*l)) {
+        while (apr_isspace(*l)) {
             ++l;
         }
 
@@ -594,9 +617,10 @@ AP_DECLARE(int) ap_scan_script_header_err_core_ex(request_rec *r, char *buffer,
                               "Invalid status line from script '%s': %.30s",
                               apr_filepath_name_get(r->filename), l);
             else
-                ap_log_rerror(SCRIPT_LOG_MARK, APLOG_TRACE1, 0, r,
-                              "Status line from script '%s': %.30s",
-                              apr_filepath_name_get(r->filename), l);
+                if (APLOGrtrace1(r))
+                   ap_log_rerror(SCRIPT_LOG_MARK, APLOG_TRACE1, 0, r,
+                                 "Status line from script '%s': %.30s",
+                                 apr_filepath_name_get(r->filename), l);
             r->status_line = apr_pstrdup(r->pool, l);
         }
         else if (!strcasecmp(w, "Location")) {
@@ -702,8 +726,7 @@ static int getsfunc_BRIGADE(char *buf, int len, void *arg)
             apr_bucket_split(e, src - bucket_data);
         }
         next = APR_BUCKET_NEXT(e);
-        APR_BUCKET_REMOVE(e);
-        apr_bucket_destroy(e);
+        apr_bucket_delete(e);
         e = next;
     }
     *dst = 0;