Start with the presumption that canonical_filename is not likely to be set.

  Therefore we will canonicalize it when it doesn't match filename.

  The next optimization should take the path common to canonical_filename
  and filename, and start merging filename from there for canonicalization.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@90591 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/server/core.c b/server/core.c
index e4aaec5e4b7c290f540bc344ddc3f3e83eef84a6..50b464f1efe05cdfa8ef862867dc5256d9cef075 100644 (file)
--- a/server/core.c
+++ b/server/core.c
@@ -1230,6 +1230,7 @@ static const char *set_document_root(cmd_parms *cmd, void *dummy,
            ap_log_perror(APLOG_MARK, APLOG_STARTUP | APLOG_NOERRNO, 0, cmd->pool,
                          "Warning: DocumentRoot [%s] does not exist",
                         arg);
+            conf->ap_document_root = arg;
        }
        else {
            return "DocumentRoot must be a directory";

diff --git a/server/request.c b/server/request.c
index 4e3c0043f5559c1e5ee58db44a0d92df550b3ee7..ce07b05151ce72f17f8b0f9de0a6565d162ea864 100644 (file)
--- a/server/request.c
+++ b/server/request.c
@@ -476,22 +476,41 @@ AP_DECLARE(int) directory_walk(request_rec *r)
      * denied.  This is very cpu/fs intensive, we need to finish
      * auditing, and remove the paranoia trigger.
      */
+    if (r->filename == r->canonical_filename)
 #ifdef NO_LONGER_PARANOID
-    test_filename = apr_pstrdup(r->pool, r->filename);
+        test_filename = apr_pstrdup(r->pool, r->filename);
 #else
-    if (apr_filepath_merge(&test_filename, "", r->filename,
-                           APR_FILEPATH_NOTRELATIVE | APR_FILEPATH_TRUENAME,
-                           r->pool) != APR_SUCCESS
-           || strcmp(test_filename, r->filename) != 0) {
-        ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
-                      "FORBIDDEN; Filepath: %s is not the canonical %s", 
-                      r->filename, test_filename);
-        return HTTP_FORBIDDEN;
+    {
+        if (apr_filepath_merge(&test_filename, "", r->filename,
+                               APR_FILEPATH_NOTRELATIVE | APR_FILEPATH_TRUENAME,
+                               r->pool) != APR_SUCCESS
+               || strcmp(test_filename, r->filename) != 0) {
+            ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
+                          "Module bug?  Filepath: %s is not the canonical %s", 
+                          r->filename, test_filename);
+            return HTTP_FORBIDDEN;
+        }
     }
 #endif
+    else {
+        /* Apparently, somebody didn't know to update r->canonical_filename
+         * which is lucky, since they didn't canonicalize r->filename either.
+         */
+        if (apr_filepath_merge(&test_filename, NULL, r->filename,
+                               APR_FILEPATH_NOTRELATIVE | APR_FILEPATH_TRUENAME,
+                               r->pool) != APR_SUCCESS) {
+            ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r,
+                          "Module bug?  Filepath: %s is not an absolute path", 
+                          r->filename);
+            return HTTP_FORBIDDEN;
+        }
+        if (strcmp(r->filename, test_filename) != 0)
+            r->filename = apr_pstrdup(test_filename);
+        r->canonical_filename = r->test_filename;
+    }
+
     num_dirs = ap_count_dirs(test_filename);
 
-    /* XXX This needs to be rolled into APR: */
     if ((res = check_safe_file(r))) {
         return res;
     }