From: Joe Orton <jorton@apache.org>
Date: Tue, 10 Oct 2017 17:56:40 +0000 (+0000)
Subject: Merge r1809209 from trunk:
X-Git-Tag: 2.4.29~46
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=e93048971f2174c257c1dbf84a3883bd214a1290;p=apache

Merge r1809209 from trunk:

Fix a segmentation fault if AuthzDBDQuery is not set.

PR: 61546
Submitted by: Lubos Uhliarik <luhliari redhat.com>
Reviewed by: jailletc36, ylavic, elukey


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1811749 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index 76a363accb..3f14645bd3 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.4.29
 
+  *) mod_authz_dbd: fix a segmentation fault if AuthzDBDQuery is not set.
+     PR 61546.  [Lubos Uhliarik <luhliari redhat.com>]
+
   *) mod_rewrite: Add support for starting External Rewriting Programs
      as non-root user on UNIX systems by specifying username and group
      name as third argument of RewriteMap directive.  [Jan Kaluza]
diff --git a/modules/aaa/mod_authz_dbd.c b/modules/aaa/mod_authz_dbd.c
index 52aab3809a..e1bb6232cf 100644
--- a/modules/aaa/mod_authz_dbd.c
+++ b/modules/aaa/mod_authz_dbd.c
@@ -119,7 +119,7 @@ static int authz_dbd_login(request_rec *r, authz_dbd_cfg *cfg,
     const char *newuri = NULL;
     int nrows;
     const char *message;
-    ap_dbd_t *dbd = dbd_handle(r);
+    ap_dbd_t *dbd;
     apr_dbd_prepared_t *query;
     apr_dbd_results_t *res = NULL;
     apr_dbd_row_t *row = NULL;
@@ -129,6 +129,8 @@ static int authz_dbd_login(request_rec *r, authz_dbd_cfg *cfg,
                       "No query configured for %s!", action);
         return HTTP_INTERNAL_SERVER_ERROR;
     }
+    
+    dbd = dbd_handle(r);
     if (dbd == NULL) {
         ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02902)
                       "No db handle available for %s! "
@@ -136,6 +138,7 @@ static int authz_dbd_login(request_rec *r, authz_dbd_cfg *cfg,
                       action);
         return HTTP_INTERNAL_SERVER_ERROR;
     }
+
     query = apr_hash_get(dbd->prepared, cfg->query, APR_HASH_KEY_STRING);
     if (query == NULL) {
         ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01643)
@@ -212,7 +215,7 @@ static int authz_dbd_group_query(request_rec *r, authz_dbd_cfg *cfg,
     /* SELECT group FROM authz WHERE user = %s */
     int rv;
     const char *message;
-    ap_dbd_t *dbd = dbd_handle(r);
+    ap_dbd_t *dbd;
     apr_dbd_prepared_t *query;
     apr_dbd_results_t *res = NULL;
     apr_dbd_row_t *row = NULL;
@@ -222,12 +225,15 @@ static int authz_dbd_group_query(request_rec *r, authz_dbd_cfg *cfg,
                       "No query configured for dbd-group!");
         return HTTP_INTERNAL_SERVER_ERROR;
     }
+    
+    dbd = dbd_handle(r);
     if (dbd == NULL) {
         ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(02903)
                       "No db handle available for dbd-query! "
                       "Check your database access");
         return HTTP_INTERNAL_SERVER_ERROR;
     }
+
     query = apr_hash_get(dbd->prepared, cfg->query, APR_HASH_KEY_STRING);
     if (query == NULL) {
         ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01650)