From 093b9d66a033be91170c98adfac9675e343c5f4c Mon Sep 17 00:00:00 2001
From: Nick Kew <niq@apache.org>
Date: Mon, 2 Nov 2009 22:51:45 +0000
Subject: [PATCH] Vhosts: treating a pure-numeric Host header as a port is
 nonsense. PR 44979

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@832172 13f79535-47bb-0310-9956-ffa450edef68
---
 CHANGES        |  3 +++
 server/vhost.c | 18 ++++++++++--------
 2 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/CHANGES b/CHANGES
index d22da358e9..4fe5853d7e 100644
--- a/CHANGES
+++ b/CHANGES
@@ -10,6 +10,9 @@ Changes with Apache 2.3.3
      mod_proxy_ftp: NULL pointer dereference on error paths.
      [Stefan Fritsch <sf fritsch.de>, Joe Orton]
 
+  *) vhost: A purely-numeric Host: header should not be treated as a port.
+     PR 44979 [Nick Kew]
+
   *) mod_ldap: Avoid 500 errors with "Unable to set LDAP_OPT_REFHOPLIMIT option to 5"
      when built against openldap by using SDK LDAP_OPT_REFHOPLIMIT defaults unless
      LDAPReferralHopLimit is explicitly configured.
diff --git a/server/vhost.c b/server/vhost.c
index 6ed6cfea83..4499aba686 100644
--- a/server/vhost.c
+++ b/server/vhost.c
@@ -705,25 +705,27 @@ static void fix_hostname(request_rec *r)
     char *dst;
     apr_port_t port;
     apr_status_t rv;
+    const char *c;
 
     /* According to RFC 2616, Host header field CAN be blank. */
     if (!*r->hostname) {
         return;
     }
 
+    /* apr_parse_addr_port will interpret a bare integer as a port
+     * which is incorrect in this context.  So treat it separately.
+     */
+    for (c = r->hostname; apr_isdigit(*c); ++c);
+    if (!*c) {  /* pure integer */
+        return;
+    }
+
     rv = apr_parse_addr_port(&host, &scope_id, &port, r->hostname, r->pool);
     if (rv != APR_SUCCESS || scope_id) {
         goto bad;
     }
 
-    if (!host && port) {
-        /* silly looking host ("Host: 123") but that isn't our job
-         * here to judge; apr_parse_addr_port() would think we had a port
-         * but no address
-         */
-        host = apr_itoa(r->pool, (int)port);
-    }
-    else if (port) {
+    if (port) {
         /* Don't throw the Host: header's port number away:
            save it in parsed_uri -- ap_get_server_port() needs it! */
         /* @@@ XXX there should be a better way to pass the port.
-- 
2.40.0