Backport:

core: In AllowOverrideList, do not allow 'None' together with other
directives. PR 52823.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1305132 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index c2afb292a6b7559b5f193279db0ad21c8bf477f1..0a9500d4a450718fcfc95fc9d8285bb7c2aa3532 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -6,6 +6,9 @@ Changes with Apache 2.4.2
      envvars: Fix insecure handling of LD_LIBRARY_PATH that could lead to the
      current working directory to be searched for DSOs. [Stefan Fritsch]
 
+  *) core: In AllowOverrideList, do not allow 'None' together with other
+     directives. PR 52823. [Stefan Fritsch]
+
   *) mod_slotmem_shm: Support DEFAULT_REL_RUNTIMEDIR for file-based shm.
      [Jim Jagielski]
 

diff --git a/STATUS b/STATUS
index efb0817ed6e01edd1919e1430b32d8ecbd4e0662..b61f05f6a2d8ffdb7343691c40889a1ec6e311f4 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -88,12 +88,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
-  * core: In AllowOverrideList, do not allow 'None' together with other directives.
-    PR 52823
-    Trunk patch: http://svn.apache.org/viewvc?rev=1302653&view=rev
-    2.4.x patch: Trunk patch works
-    +1: sf, covener, druggeri
-
   * core: In AllowOverrideList, disallow directives which are only allowed
     in VirtualHost or server context.
     Trunk patch: http://svn.apache.org/viewvc?rev=1302665&view=rev

diff --git a/server/core.c b/server/core.c
index 1e4c7856c1ce86d9c4559fcbb06fec88782959ad..482acecb5a7292693440f72ca50bf25e0778c5e2 100644 (file)
--- a/server/core.c
+++ b/server/core.c
@@ -1659,16 +1659,20 @@ static const char *set_override_list(cmd_parms *cmd, void *d_, int argc, char *c
     /* Throw a warning if we're in <Location> or <Files> */
     if (ap_check_cmd_context(cmd, NOT_IN_LOCATION | NOT_IN_FILES)) {
         ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server, APLOGNO(00115)
-                     "Useless use of AllowOverrideList in line %d of %s.",
-                     cmd->directive->line_num, cmd->directive->filename);
+                     "Useless use of AllowOverrideList at %s:%d",
+                     cmd->directive->filename, cmd->directive->line_num);
     }
     if ((err = ap_check_cmd_context(cmd, NOT_IN_HTACCESS)) != NULL)
         return err;
 
-    d->override_list = apr_table_make(cmd->pool, 1);
+    d->override_list = apr_table_make(cmd->pool, argc);
 
     for (i=0;i<argc;i++){
         if (!strcasecmp(argv[i], "None")) {
+            if (argc != 1) {
+                return "'None' not allowed with other directives in "
+                       "AllowOverrideList";
+            }
             return NULL;
         }
         else {
@@ -1678,9 +1682,11 @@ static const char *set_override_list(cmd_parms *cmd, void *d_, int argc, char *c
             if (result)
                 apr_table_set(d->override_list, argv[i], "1");
             else
-                ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server, APLOGNO(00116)
-                             "Discarding unrecognized directive `%s' in AllowOverrideList.",
-                             argv[i]);
+                ap_log_error(APLOG_MARK, APLOG_WARNING, 0, cmd->server,
+                             APLOGNO(00116) "Discarding unrecognized "
+                             "directive `%s' in AllowOverrideList at %s:%d",
+                             argv[i], cmd->directive->filename,
+                             cmd->directive->line_num);
         }
     }