From: André Malo <nd@apache.org>
Date: Tue, 20 Apr 2004 20:22:13 +0000 (+0000)
Subject: Recursive Include directives no longer crash. The server stops
X-Git-Tag: pre_ajp_proxy~343
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=30b25881ba430e81b96634e9d69b95d8749f7830;p=apache

Recursive Include directives no longer crash. The server stops
including configuration files after a certain nesting level (128
as distributed). This is configurable at compile time using the
-DAP_MAX_INCLUDE_DEPTH switch.

PR: 28370


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@103466 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index d5780ab1bf..b5bb2910c8 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,11 @@ Changes with Apache 2.1.0-dev
 
   [Remove entries to the current 2.0 section below, when backported]
 
+  *) Recursive Include directives no longer crash. The server stops
+     including configuration files after a certain nesting level (128
+     as distributed). This is configurable at compile time using the
+     -DAP_MAX_INCLUDE_DEPTH switch. PR 28370.  [André Malo]
+
   *) mod_headers: Allow %% in header values to represent a literal %.
      [André Malo]
 
diff --git a/server/core.c b/server/core.c
index 36641189ef..c6182b7c5a 100644
--- a/server/core.c
+++ b/server/core.c
@@ -54,6 +54,11 @@
 
 #define AP_MIN_SENDFILE_BYTES           (256)
 
+/* maximum include nesting level */
+#ifndef AP_MAX_INCLUDE_DEPTH
+#define AP_MAX_INCLUDE_DEPTH            (128)
+#endif
+
 APR_HOOK_STRUCT(
     APR_HOOK_LINK(get_mgmt_items)
 )
@@ -2245,9 +2250,30 @@ static const char *include_config (cmd_parms *cmd, void *dummy,
                                    const char *name)
 {
     ap_directive_t *conftree = NULL;
-    const char* conffile = ap_server_root_relative(cmd->pool, name);
+    const char* conffile;
+    unsigned *recursion;
+    void *data;
+
+    apr_pool_userdata_get(&data, "ap_include_sentinel", cmd->pool);
+    if (data) {
+        recursion = data;
+    }
+    else {
+        data = recursion = apr_palloc(cmd->pool, sizeof(*recursion));
+        *recursion = 0;
+        apr_pool_userdata_setn(data, "ap_include_sentinel", NULL, cmd->pool);
+    }
 
+    if (++*recursion > AP_MAX_INCLUDE_DEPTH) {
+        *recursion = 0;
+        return apr_psprintf(cmd->pool, "Exceeded maximum include depth of %u. "
+                            "You have probably a recursion somewhere.",
+                            AP_MAX_INCLUDE_DEPTH);
+    }
+
+    conffile = ap_server_root_relative(cmd->pool, name);
     if (!conffile) {
+        *recursion = 0;
         return apr_pstrcat(cmd->pool, "Invalid Include path ", 
                            name, NULL);
     }
@@ -2255,6 +2281,12 @@ static const char *include_config (cmd_parms *cmd, void *dummy,
     ap_process_resource_config(cmd->server, conffile,
                                &conftree, cmd->pool, cmd->temp_pool);
     *(ap_directive_t **)dummy = conftree;
+
+    /* recursion level done */
+    if (*recursion) {
+        --*recursion;
+    }
+
     return NULL;
 }