From: Jim Jagielski Date: Thu, 31 May 2018 13:19:12 +0000 (+0000) Subject: Merge r1490294, r1734635, r1749403, r1813116, r1816179, r1817598, r1832198, r1832200... X-Git-Tag: 2.4.34~133 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=4c1d0422ecadad4c283a2d64c41b83957e1721a6;p=apache Merge r1490294, r1734635, r1749403, r1813116, r1816179, r1817598, r1832198, r1832200, r1832277, r1832317 from trunk: Note that the function will be available in APR. Silent a smatch warning: mod_auth_form.c:626 get_form_auth() warn: variable dereferenced before check 'sent_user' (see line 616) Use 'memcpy' instead of 'strcpy' when the size of the string has already been computed. Fix compilation failure : unixd.c: In function ‘ap_unixd_mpm_set_signals’: unixd.c:579:5: error: implicit declaration of function ‘apr_signal’; did you mean ‘strsignal’? [-Werror=implicit-function-declaration] apr_signal(SIGPIPE, SIG_IGN); ^~~~~~~~~~ strsignal Not sure where it comes from, maybe related to r1812301. mod_substitute: add runtime traces. PR 61132. In verify_ocsp_status in ssl_engine_ocsp.c, the log message, "OCSP response not successful: %d" should print the value of r instead of rc. The value of rc will always be 0. PR 61876 [sam ] Success of 'SHGetMalloc()' should be tested with the SUCCEEDED macro. /!\ This commit is _NOT COMPILE TESTED_. (I don't have a windows build environment available) See PR 60086. Axe some dead code. See PR 60086. Fix typo Fix a potential un-intialized variable usage warning. This can not be a runtime ixsue, because, in such a case, we would assert and abort before. PR 59819. Submitted by: minfrin, jailletc36, jailletc36, jailletc36, ylavic, jailletc36, jailletc36, jailletc36, jailletc36, jailletc36 Reviewed by: jailletc36, ylavic, covener git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1832607 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/STATUS b/STATUS index 62987fc0c4..7f65132336 100644 --- a/STATUS +++ b/STATUS @@ -155,30 +155,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK: jailletc36: There should be a compatibility note for the new directives. (done in r1828478) - *) Easy patches: synch 2.4.x and trunk - - core: add a comment - - mod_auth_form: Silence a static checker warning - - unixd: fix a compilation warning - - mod_sed: do not compute string length twice - - mod_substitute: add some TRACE8 debugging messages - - mod_ssl: fix the error code written in a log message - - win32/Apachemonitor: Success of 'SHGetMalloc()' should be tested with the SUCCEEDED macro. - - core: Axe some dead code - - core: Fix typo in comment - - core: Fix a potential un-intialized variable usage warning. - trunk patch: http://svn.apache.org/r1490294 - http://svn.apache.org/r1734635 - http://svn.apache.org/r1749403 - http://svn.apache.org/r1813116 - http://svn.apache.org/r1816179 - http://svn.apache.org/r1817598 - http://svn.apache.org/r1832198 - http://svn.apache.org/r1832200 - http://svn.apache.org/r1832277 - http://svn.apache.org/r1832317 - 2.4.x patch: svn merge -c 1490294,1734635,1749403,1813116,1816179,1817598,1832198,1832200,1832277,1832317 ^/httpd/httpd/trunk . - +1: jailletc36, ylavic, covener - PATCHES PROPOSED TO BACKPORT FROM TRUNK: [ New proposals should be added at the end of the list ] diff --git a/include/httpd.h b/include/httpd.h index a9fe056f34..d792308581 100644 --- a/include/httpd.h +++ b/include/httpd.h @@ -2366,7 +2366,7 @@ AP_DECLARE(int) ap_array_str_contains(const apr_array_header_t *array, const char *s); /** - * Perform a case-insensitive comparison of two strings @a atr1 and @a atr2, + * Perform a case-insensitive comparison of two strings @a str1 and @a str2, * treating upper and lower case values of the 26 standard C/POSIX alphabetic * characters as equivalent. Extended latin characters outside of this set * are treated as unique octets, irrespective of the current locale. @@ -2380,7 +2380,7 @@ AP_DECLARE(int) ap_array_str_contains(const apr_array_header_t *array, AP_DECLARE(int) ap_cstr_casecmp(const char *s1, const char *s2); /** - * Perform a case-insensitive comparison of two strings @a atr1 and @a atr2, + * Perform a case-insensitive comparison of two strings @a str1 and @a str2, * treating upper and lower case values of the 26 standard C/POSIX alphabetic * characters as equivalent. Extended latin characters outside of this set * are treated as unique octets, irrespective of the current locale. diff --git a/modules/aaa/mod_auth_form.c b/modules/aaa/mod_auth_form.c index 01652291a9..bea7d51210 100644 --- a/modules/aaa/mod_auth_form.c +++ b/modules/aaa/mod_auth_form.c @@ -613,7 +613,7 @@ static int get_form_auth(request_rec * r, /* have we isolated the user and pw before? */ get_notes_auth(r, sent_user, sent_pw, sent_method, sent_mimetype); - if (*sent_user && *sent_pw) { + if (sent_user && *sent_user && sent_pw && *sent_pw) { return OK; } diff --git a/modules/filters/mod_include.c b/modules/filters/mod_include.c index a5e44fead7..a46a944428 100644 --- a/modules/filters/mod_include.c +++ b/modules/filters/mod_include.c @@ -498,6 +498,7 @@ static const char lazy_eval_sentinel = '\0'; /* The following is a shrinking transformation, therefore safe. */ +/* Note: this function is deprecated in favour of apr_unescape_entity() in APR */ static void decodehtml(char *s) { int val, i, j; diff --git a/modules/filters/mod_substitute.c b/modules/filters/mod_substitute.c index d8984ee006..b7d5296afa 100644 --- a/modules/filters/mod_substitute.c +++ b/modules/filters/mod_substitute.c @@ -51,6 +51,7 @@ typedef struct subst_pattern_t { apr_size_t replen; apr_size_t patlen; int flatten; + const char *from; } subst_pattern_t; typedef struct { @@ -121,6 +122,8 @@ static void *merge_substitute_dcfg(apr_pool_t *p, void *basev, void *overv) apr_bucket_delete(tmp_b); \ } while (0) +#define CAP2LINEMAX(n) ((n) < (apr_size_t)200 ? (int)(n) : 200) + static apr_status_t do_pattmatch(ap_filter_t *f, apr_bucket *inb, apr_bucket_brigade *mybb, apr_pool_t *pool) @@ -165,6 +168,17 @@ static apr_status_t do_pattmatch(ap_filter_t *f, apr_bucket *inb, if (apr_bucket_read(b, &buff, &bytes, APR_BLOCK_READ) == APR_SUCCESS) { int have_match = 0; + + ap_log_rerror(APLOG_MARK, APLOG_TRACE8, 0, f->r, + "Line read (%" APR_SIZE_T_FMT " bytes): %.*s", + bytes, CAP2LINEMAX(bytes), buff); + ap_log_rerror(APLOG_MARK, APLOG_TRACE8, 0, f->r, + "Replacing %s:'%s' by '%s'", + script->pattern ? "string" : + script->regexp ? "regex" : + "unknown", + script->from, script->replacement); + vb.strlen = 0; if (script->pattern) { const char *repl; @@ -176,6 +190,9 @@ static apr_status_t do_pattmatch(ap_filter_t *f, apr_bucket *inb, apr_size_t repl_len = strlen(script->replacement); while ((repl = apr_strmatch(script->pattern, buff, bytes))) { + ap_log_rerror(APLOG_MARK, APLOG_TRACE8, 0, f->r, + "Matching found, result: '%s'", + script->replacement); have_match = 1; /* get offset into buff for pattern */ len = (apr_size_t) (repl - buff); @@ -231,6 +248,9 @@ static apr_status_t do_pattmatch(ap_filter_t *f, apr_bucket *inb, */ char *copy = ap_varbuf_pdup(pool, &vb, NULL, 0, buff, bytes, &len); + ap_log_rerror(APLOG_MARK, APLOG_TRACE8, 0, f->r, + "New line (%" APR_SIZE_T_FMT " bytes): %.*s", + len, CAP2LINEMAX(len), copy); tmp_b = apr_bucket_pool_create(copy, len, pool, f->r->connection->bucket_alloc); APR_BUCKET_INSERT_BEFORE(b, tmp_b); @@ -248,6 +268,9 @@ static apr_status_t do_pattmatch(ap_filter_t *f, apr_bucket *inb, */ if (space_left < b->length) return APR_ENOMEM; + ap_log_rerror(APLOG_MARK, APLOG_TRACE8, 0, f->r, + "New line (%" APR_SIZE_T_FMT " bytes): %.*s", + bytes, CAP2LINEMAX(bytes), buff); } } } @@ -259,6 +282,8 @@ static apr_status_t do_pattmatch(ap_filter_t *f, apr_bucket *inb, while (!ap_regexec_len(script->regexp, pos, left, AP_MAX_REG_MATCH, regm, 0)) { apr_status_t rv; + ap_log_rerror(APLOG_MARK, APLOG_TRACE8, 0, f->r, + "Matching found"); have_match = 1; if (script->flatten && !force_quick) { /* check remaining buffer size */ @@ -276,6 +301,8 @@ static apr_status_t do_pattmatch(ap_filter_t *f, apr_bucket *inb, cfg->max_line_length - vb.strlen); if (rv != APR_SUCCESS) return rv; + ap_log_rerror(APLOG_MARK, APLOG_TRACE8, 0, f->r, + "Result: '%s'", vb.buf); } else { apr_size_t repl_len; @@ -296,6 +323,8 @@ static apr_status_t do_pattmatch(ap_filter_t *f, apr_bucket *inb, tmp_b = apr_bucket_transient_create(repl, repl_len, f->r->connection->bucket_alloc); APR_BUCKET_INSERT_BEFORE(b, tmp_b); + ap_log_rerror(APLOG_MARK, APLOG_TRACE8, 0, f->r, + "Result: '%s'", repl); } /* * reset to past what we just did. pos now maps to b @@ -311,6 +340,9 @@ static apr_status_t do_pattmatch(ap_filter_t *f, apr_bucket *inb, */ copy = ap_varbuf_pdup(pool, &vb, NULL, 0, pos, left, &len); + ap_log_rerror(APLOG_MARK, APLOG_TRACE8, 0, f->r, + "New line (%" APR_SIZE_T_FMT " bytes): %.*s", + len, CAP2LINEMAX(len), copy); tmp_b = apr_bucket_pool_create(copy, len, pool, f->r->connection->bucket_alloc); APR_BUCKET_INSERT_BEFORE(b, tmp_b); @@ -646,6 +678,7 @@ static const char *set_pattern(cmd_parms *cmd, void *cfg, const char *line) nscript->regexp = NULL; nscript->replacement = NULL; nscript->patlen = 0; + nscript->from = from; if (is_pattern) { nscript->patlen = strlen(from); diff --git a/modules/filters/sed1.c b/modules/filters/sed1.c index 8f383b8b0f..f463ec9e03 100644 --- a/modules/filters/sed1.c +++ b/modules/filters/sed1.c @@ -196,7 +196,7 @@ static void append_to_holdbuf(sed_eval_t *eval, const char* sz) if (eval->hsize <= reqsize) { grow_hold_buffer(eval, reqsize); } - strcpy(eval->hspend, sz); + memcpy(eval->hspend, sz, len + 1); /* hspend will now point to NULL character */ eval->hspend += len; } @@ -220,7 +220,7 @@ static void append_to_genbuf(sed_eval_t *eval, const char* sz, char **gspend) if (eval->gsize < reqsize) { grow_gen_buffer(eval, reqsize, gspend); } - strcpy(*gspend, sz); + memcpy(*gspend, sz, len + 1); /* *gspend will now point to NULL character */ *gspend += len; } diff --git a/modules/ssl/ssl_engine_ocsp.c b/modules/ssl/ssl_engine_ocsp.c index 0d6592ff4a..ae0f84253c 100644 --- a/modules/ssl/ssl_engine_ocsp.c +++ b/modules/ssl/ssl_engine_ocsp.c @@ -159,7 +159,7 @@ static int verify_ocsp_status(X509 *cert, X509_STORE_CTX *ctx, conn_rec *c, if (r != OCSP_RESPONSE_STATUS_SUCCESSFUL) { ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(01922) - "OCSP response not successful: %d", rc); + "OCSP response not successful: %d", r); rc = V_OCSP_CERTSTATUS_UNKNOWN; } } diff --git a/os/unix/unixd.c b/os/unix/unixd.c index 7f71d1a642..43645f09da 100644 --- a/os/unix/unixd.c +++ b/os/unix/unixd.c @@ -24,6 +24,7 @@ #include "os.h" #include "ap_mpm.h" #include "apr_thread_proc.h" +#include "apr_signal.h" #include "apr_strings.h" #include "apr_portable.h" #ifdef HAVE_PWD_H @@ -180,7 +181,7 @@ static apr_status_t ap_unix_create_privileged_process( ** we force everything to be APR_PROGRAM, and never ** APR_SHELLCMD */ - if(apr_procattr_cmdtype_set(attr, APR_PROGRAM) != APR_SUCCESS) { + if (apr_procattr_cmdtype_set(attr, APR_PROGRAM) != APR_SUCCESS) { return APR_EGENERAL; } diff --git a/server/config.c b/server/config.c index ffd26fd592..7f1d50e08d 100644 --- a/server/config.c +++ b/server/config.c @@ -2046,7 +2046,7 @@ static const char *process_resource_config_fnmatch(server_rec *s, /* If matching internal to path, and we happen to match something * other than a directory, skip it */ - if (rest && (rv == APR_SUCCESS) && (dirent.filetype != APR_DIR)) { + if (rest && (dirent.filetype != APR_DIR)) { continue; } fnew = (fnames *) apr_array_push(candidates); diff --git a/server/util_expr_eval.c b/server/util_expr_eval.c index 91f5c3515a..0f92f416c7 100644 --- a/server/util_expr_eval.c +++ b/server/util_expr_eval.c @@ -1720,7 +1720,7 @@ static int core_expr_lookup(ap_expr_lookup_parms *parms) case AP_EXPR_FUNC_STRING: case AP_EXPR_FUNC_OP_UNARY: case AP_EXPR_FUNC_OP_BINARY: { - const struct expr_provider_single *prov; + const struct expr_provider_single *prov = NULL; switch (parms->type) { case AP_EXPR_FUNC_STRING: prov = string_func_providers; @@ -1734,7 +1734,7 @@ static int core_expr_lookup(ap_expr_lookup_parms *parms) default: ap_assert(0); } - while (prov->func) { + while (prov && prov->func) { int match; if (parms->type == AP_EXPR_FUNC_OP_UNARY) match = !strcmp(prov->name, parms->name); diff --git a/support/win32/ApacheMonitor.c b/support/win32/ApacheMonitor.c index 26b54a00db..841b4ab236 100644 --- a/support/win32/ApacheMonitor.c +++ b/support/win32/ApacheMonitor.c @@ -912,7 +912,7 @@ LRESULT CALLBACK ConnectDlgProc(HWND hDlg, UINT message, WM_SETTEXT, (WPARAM) NULL, (LPARAM) szCmp); } - if (SHGetMalloc(&pMalloc)) { + if (SUCCEEDED(SHGetMalloc(&pMalloc))) { pMalloc->lpVtbl->Free(pMalloc, il); pMalloc->lpVtbl->Release(pMalloc); }