From: Jeff Trawick <trawick@apache.org>
Date: Thu, 25 Sep 2003 16:00:56 +0000 (+0000)
Subject: Log an error when requests for URIs which fail to map to a valid
X-Git-Tag: pre_ajp_proxy~1145
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=25103911fe401c2d435520335119ca5442e2b2b9;p=apache

Log an error when requests for URIs which fail to map to a valid
filesystem name are rejected with 403.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@101310 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index ae77aa6d06..c785c339f0 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,9 @@ Changes with Apache 2.1.0-dev
 
   [Remove entries to the current 2.0 section below, when backported]
 
+  *) Log an error when requests for URIs which fail to map to a valid 
+     filesystem name are rejected with 403.  [Jeff Trawick]
+
   *) Fixed mod_usertrack to not get false positive matches on the
      user-tracking cookie's name.  PR 16661.
      [Manni Wood <manniwood@planet-save.com>]
diff --git a/server/core.c b/server/core.c
index e5f5ef0da7..d1bbd75adc 100644
--- a/server/core.c
+++ b/server/core.c
@@ -3274,6 +3274,7 @@ AP_DECLARE_NONSTD(int) ap_core_translate(request_rec *r)
 {
     void *sconf = r->server->module_config;
     core_server_config *conf = ap_get_module_config(sconf, &core_module);
+    apr_status_t rv;
 
     /* XXX this seems too specific, this should probably become
      * some general-case test
@@ -3300,10 +3301,12 @@ AP_DECLARE_NONSTD(int) ap_core_translate(request_rec *r)
         while (*path == '/') {
             ++path;
         }
-        if (apr_filepath_merge(&r->filename, conf->ap_document_root, path,
-                               APR_FILEPATH_TRUENAME
-                             | APR_FILEPATH_SECUREROOT, r->pool)
+        if ((rv = apr_filepath_merge(&r->filename, conf->ap_document_root, path,
+                                     APR_FILEPATH_TRUENAME
+                                   | APR_FILEPATH_SECUREROOT, r->pool))
                     != APR_SUCCESS) {
+            ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
+                         "URI in request %s maps to invalid filename", r->the_request);
             return HTTP_FORBIDDEN;
         }
         r->canonical_filename = r->filename;
@@ -3321,10 +3324,12 @@ AP_DECLARE_NONSTD(int) ap_core_translate(request_rec *r)
         while (*path == '/') {
             ++path;
         }
-        if (apr_filepath_merge(&r->filename, conf->ap_document_root, path,
-                               APR_FILEPATH_TRUENAME
-                             | APR_FILEPATH_SECUREROOT, r->pool)
+        if ((rv = apr_filepath_merge(&r->filename, conf->ap_document_root, path,
+                                     APR_FILEPATH_TRUENAME
+                                   | APR_FILEPATH_SECUREROOT, r->pool))
                     != APR_SUCCESS) {
+            ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
+                         "URI in request %s maps to invalid filename", r->the_request);
             return HTTP_FORBIDDEN;
         }
         r->canonical_filename = r->filename;