It doesn't get any simpler than this

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@90547 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/server/util.c b/server/util.c
index 8d529b054bb05288f3e39d9bdd152906444303f9..604056fb5e043ef6c9b0d6a9a6ebcb2b0c1a4504 100644 (file)
--- a/server/util.c
+++ b/server/util.c
@@ -867,13 +867,6 @@ AP_DECLARE(apr_status_t) ap_pcfg_openfile(ap_configfile_t **ret_cfg, apr_pool_t
         return APR_EBADF;
     }
 
-    /* ### We no longer need the test ap_os_is_filename_valid() here
-     * The directory was already walked on a segment by segment basis,
-     * so we should never be called with a bad path element, and device 
-     * names as access file names never posed as security threats, since 
-     * it was the admin's choice to assign the .htaccess file's name.
-     */
-
     status = apr_file_open(&file, name, APR_READ | APR_BUFFERED, APR_OS_DEFAULT, p);
 #ifdef DEBUG
     ap_log_error(APLOG_MARK, APLOG_DEBUG | APLOG_NOERRNO, 0, NULL,
@@ -890,9 +883,7 @@ AP_DECLARE(apr_status_t) ap_pcfg_openfile(ap_configfile_t **ret_cfg, apr_pool_t
 
     if (finfo.filetype != APR_REG &&
 #if defined(WIN32) || defined(OS2)
-        !(strcasecmp(name, "nul") == 0 ||
-          (strlen(name) >= 4 &&
-           strcasecmp(name + strlen(name) - 4, "/nul") == 0))) {
+        strcasecmp(apr_filename_of_pathname(name), "nul") != 0) {
 #else
         strcmp(name, "/dev/null") != 0) {
 #endif /* WIN32 || OS2 */