Changes with Apache 2.0.40
+ *) Fix a long-standing bug in 2.0, CGI scripts were being called
+ with relative paths instead of absolute paths. Apache 1.3 used
+ absolute paths for everything except for SuExec, this brings back
+ that standard. [Ryan Bloom]
+
*) Fix infinite loop due to two HTTP_IN filters being present for
internally redirected requests. PR 10146. [Justin Erenkrantz]
const char *args = NULL;
if (e_info->process_cgi) {
- /* Allow suexec's "/" check to succeed */
- const char *argv0 = strrchr(r->filename, '/');
- if (argv0 != NULL)
- argv0++;
- else
- argv0 = r->filename;
- *cmd = argv0;
+ *cmd = r->filename;
args = r->args;
/* Do not process r->args if they contain an '=' assignment
*/
const char **newargs;
char *newprogname;
char *execuser, *execgroup;
+ const char *argv0;
if (!unixd_config.suexec_enabled) {
return apr_proc_create(newproc, progname, args, env, attr, p);
}
+ argv0 = strrchr(progname, '/');
+ /* Allow suexec's "/" check to succeed */
+ if (argv0 != NULL) {
+ argv0++;
+ }
+ else {
+ argv0 = progname;
+ }
+
+
if (ugid->userdir) {
execuser = apr_psprintf(p, "~%ld", (long) ugid->uid);
}
newargs[0] = SUEXEC_BIN;
newargs[1] = execuser;
newargs[2] = execgroup;
- newargs[3] = apr_pstrdup(p, progname);
+ newargs[3] = apr_pstrdup(p, argv0);
/*
** using a shell to execute suexec makes no sense thus
projects / apache / commitdiff