-*- coding: utf-8 -*-
Changes with Apache 2.5.0
+ *) mod_rewrite: Protect against looping with the [N] flag by enforcing a
+ default limit of 10000 iterations, and allowing each rule to change its
+ limit. [Eric Covener]
+
*) mod_ssl: Fix config merging of SSLOCSPEnable and SSLOCSPOverrideResponder.
[Jeff Trawick]
will replace A with B everywhere in a request, and will continue doing
so until there are no more As to be replaced.
</p>
-
<highlight language="config">RewriteRule (.*)A(.*) $1B$2 [N]</highlight>
-
<p>You can think of this as a <code>while</code> loop: While this
pattern still matches (i.e., while the URI still contains an
<code>A</code>), perform this substitution (i.e., replace the
<code>A</code> with a <code>B</code>).</p>
+<p>In 2.5.0 and later, this module returns an error after 10,000 iterations to
+protect against unintended looping. An alternative maximum number of
+iterations can be specified by adding to the N flag. </p>
+<highlight language="config">
+# Be willing to replace 1 character in each pass of the loop
+RewriteRule (.+)[><;]$ $1 [N=32000]
+# ... or, give up if after 10 loops
+RewriteRule (.+)[><;]$ $1 [N=10]
+</highlight>
+
</section>
<section id="flag_nc"><title>NC|nocase</title>
#define subreq_ok(r) (!r->main || \
(r->main->uri && r->uri && strcmp(r->main->uri, r->uri)))
+#ifndef REWRITE_MAX_ROUNDS
+#define REWRITE_MAX_ROUNDS 10000
+#endif
/*
* +-------------------------------------------------------+
data_item *env; /* added environment variables */
data_item *cookie; /* added cookies */
int skip; /* number of next rules to skip */
+ int maxrounds; /* limit on number of loops with N flag */
} rewriterule_entry;
typedef struct {
}
else if (!*key || !strcasecmp(key, "ext")) { /* next */
cfg->flags |= RULEFLAG_NEWROUND;
+ if (val && *val) {
+ cfg->maxrounds = atoi(val);
+ }
+
}
else if (((*key == 'S' || *key == 's') && !key[1])
|| !strcasecmp(key, "osubreq")) { /* nosubreq */
newrule->env = NULL;
newrule->cookie = NULL;
newrule->skip = 0;
+ newrule->maxrounds = REWRITE_MAX_ROUNDS;
if (a3 != NULL) {
if ((err = cmd_parseflagfield(cmd->pool, newrule, a3,
cmd_rewriterule_setflag)) != NULL) {
int rc;
int s;
rewrite_ctx *ctx;
+ int round = 1;
ctx = apr_palloc(r->pool, sizeof(*ctx));
ctx->perdir = perdir;
* the rewriting ruleset again.
*/
if (p->flags & RULEFLAG_NEWROUND) {
+ if (++round >= p->maxrounds) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02596)
+ "RewriteRule '%s' and URI '%s' exceeded "
+ "maximum number of rounds (%d) via the [N] flag",
+ p->pattern, r->uri, p->maxrounds);
+
+ r->status = HTTP_INTERNAL_SERVER_ERROR;
+ return ACTION_STATUS;
+ }
goto loop;
}
projects / apache / commitdiff