[Remove entries to the current 2.0 section below, when backported]
+ *) Recursive Include directives no longer crash. The server stops
+ including configuration files after a certain nesting level (128
+ as distributed). This is configurable at compile time using the
+ -DAP_MAX_INCLUDE_DEPTH switch. PR 28370. [André Malo]
+
*) mod_headers: Allow %% in header values to represent a literal %.
[André Malo]
#define AP_MIN_SENDFILE_BYTES (256)
+/* maximum include nesting level */
+#ifndef AP_MAX_INCLUDE_DEPTH
+#define AP_MAX_INCLUDE_DEPTH (128)
+#endif
+
APR_HOOK_STRUCT(
APR_HOOK_LINK(get_mgmt_items)
)
const char *name)
{
ap_directive_t *conftree = NULL;
- const char* conffile = ap_server_root_relative(cmd->pool, name);
+ const char* conffile;
+ unsigned *recursion;
+ void *data;
+
+ apr_pool_userdata_get(&data, "ap_include_sentinel", cmd->pool);
+ if (data) {
+ recursion = data;
+ }
+ else {
+ data = recursion = apr_palloc(cmd->pool, sizeof(*recursion));
+ *recursion = 0;
+ apr_pool_userdata_setn(data, "ap_include_sentinel", NULL, cmd->pool);
+ }
+ if (++*recursion > AP_MAX_INCLUDE_DEPTH) {
+ *recursion = 0;
+ return apr_psprintf(cmd->pool, "Exceeded maximum include depth of %u. "
+ "You have probably a recursion somewhere.",
+ AP_MAX_INCLUDE_DEPTH);
+ }
+
+ conffile = ap_server_root_relative(cmd->pool, name);
if (!conffile) {
+ *recursion = 0;
return apr_pstrcat(cmd->pool, "Invalid Include path ",
name, NULL);
}
ap_process_resource_config(cmd->server, conffile,
&conftree, cmd->pool, cmd->temp_pool);
*(ap_directive_t **)dummy = conftree;
+
+ /* recursion level done */
+ if (*recursion) {
+ --*recursion;
+ }
+
return NULL;
}
projects / apache / commitdiff