Log an error when requests for URIs which fail to map to a valid

author Jeff Trawick <trawick@apache.org>

Thu, 25 Sep 2003 16:00:56 +0000 (16:00 +0000)

committer Jeff Trawick <trawick@apache.org>

Thu, 25 Sep 2003 16:00:56 +0000 (16:00 +0000)
author Jeff Trawick <trawick@apache.org>
Thu, 25 Sep 2003 16:00:56 +0000 (16:00 +0000)
committer Jeff Trawick <trawick@apache.org>
Thu, 25 Sep 2003 16:00:56 +0000 (16:00 +0000)
diff --git a/CHANGES b/CHANGES

index ae77aa6d0666ce5bc18bd647d666349396eb353c..c785c339f07a673c1be1d1e71e951d22a69dad44 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,9 @@ Changes with Apache 2.1.0-dev
  
    [Remove entries to the current 2.0 section below, when backported]
  
+  *) Log an error when requests for URIs which fail to map to a valid 
+     filesystem name are rejected with 403.  [Jeff Trawick]
+
    *) Fixed mod_usertrack to not get false positive matches on the
       user-tracking cookie's name.  PR 16661.
       [Manni Wood <manniwood@planet-save.com>]
diff --git a/server/core.c b/server/core.c

index e5f5ef0da71d35a41adfe46d7b753d775f9d4ba2..d1bbd75adc38c2e3ce596de748ac6401ac915941 100644 (file)
--- a/server/core.c
+++ b/server/core.c
@@ -3274,6 +3274,7 @@ AP_DECLARE_NONSTD(int) ap_core_translate(request_rec *r)
  {
      void *sconf = r->server->module_config;
      core_server_config *conf = ap_get_module_config(sconf, &core_module);
+    apr_status_t rv;
  
      /* XXX this seems too specific, this should probably become
       * some general-case test
@@ -3300,10 +3301,12 @@ AP_DECLARE_NONSTD(int) ap_core_translate(request_rec *r)
          while (*path == '/') {
              ++path;
          }
-        if (apr_filepath_merge(&r->filename, conf->ap_document_root, path,
-                               APR_FILEPATH_TRUENAME
-                             | APR_FILEPATH_SECUREROOT, r->pool)
+        if ((rv = apr_filepath_merge(&r->filename, conf->ap_document_root, path,
+                                     APR_FILEPATH_TRUENAME
+                                   | APR_FILEPATH_SECUREROOT, r->pool))
                      != APR_SUCCESS) {
+            ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
+                         "URI in request %s maps to invalid filename", r->the_request);
              return HTTP_FORBIDDEN;
          }
          r->canonical_filename = r->filename;
@@ -3321,10 +3324,12 @@ AP_DECLARE_NONSTD(int) ap_core_translate(request_rec *r)
          while (*path == '/') {
              ++path;
          }
-        if (apr_filepath_merge(&r->filename, conf->ap_document_root, path,
-                               APR_FILEPATH_TRUENAME
-                             | APR_FILEPATH_SECUREROOT, r->pool)
+        if ((rv = apr_filepath_merge(&r->filename, conf->ap_document_root, path,
+                                     APR_FILEPATH_TRUENAME
+                                   | APR_FILEPATH_SECUREROOT, r->pool))
                      != APR_SUCCESS) {
+            ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
+                         "URI in request %s maps to invalid filename", r->the_request);
              return HTTP_FORBIDDEN;
          }
          r->canonical_filename = r->filename;
author	Jeff Trawick <trawick@apache.org>
	Thu, 25 Sep 2003 16:00:56 +0000 (16:00 +0000)
committer	Jeff Trawick <trawick@apache.org>
	Thu, 25 Sep 2003 16:00:56 +0000 (16:00 +0000)
CHANGES		patch \| blob \| history
server/core.c		patch \| blob \| history