Changes with Apache 2.0.37
+ *) Fix suexec execution of CGI scripts from mod_include.
+ PR 7791, 8291 [Colm MacCarthaigh <colmmacc@redbrick.dcu.ie>]
+
*) Fix segfaults at startup on some platforms when mod_auth_digest,
mod_suexec, or mod_ssl were used as DSO's due to the way they
were tracking the current init phase since DSO's get completely
"in parsed file %s";
}
else {
- rr = ap_sub_req_lookup_file(parsed_string, r, f->next);
+ rr = ap_sub_req_lookup_uri(parsed_string, r, f->next);
}
}
else {
}
}
/* allocate space for 4 new args, the input args, and a null terminator */
- newargs = apr_palloc(p, sizeof(char *) * (i + 5));
+ newargs = apr_palloc(p, sizeof(char *) * (i + 4));
newprogname = SUEXEC_BIN;
newargs[0] = SUEXEC_BIN;
newargs[1] = execuser;
newargs[2] = execgroup;
newargs[3] = apr_pstrdup(p, progname);
- i = 0;
+ /*
+ ** using a shell to execute suexec makes no sense thus
+ ** we force everything to be APR_PROGRAM, and never
+ ** APR_SHELLCMD
+ */
+ if(apr_procattr_cmdtype_set(attr, APR_PROGRAM) != APR_SUCCESS) {
+ return APR_EGENERAL;
+ }
+
+ i = 1;
do {
- newargs[i + 4] = args[i];
+ newargs[i + 3] = args[i];
} while (args[i++]);
return apr_proc_create(newproc, newprogname, newargs, env, attr, p);