From 51ee55352006ef36bba988de9f7e9a8719e356dc Mon Sep 17 00:00:00 2001 From: Greg Stein Date: Tue, 15 Oct 2002 23:23:15 +0000 Subject: [PATCH] Code a bit more defensively. If dav_lookup_uri() ever placed user input into lookup.err.desc for the HTTP_BAD_REQUEST case, then we could have problems (via a format string attack). This change frees us from *future* worries. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@97233 13f79535-47bb-0310-9956-ffa450edef68 --- modules/dav/main/mod_dav.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/dav/main/mod_dav.c b/modules/dav/main/mod_dav.c index 707fed3760..246dadee52 100644 --- a/modules/dav/main/mod_dav.c +++ b/modules/dav/main/mod_dav.c @@ -2522,7 +2522,7 @@ static int dav_method_copymove(request_rec *r, int is_move) if (lookup.err.status == HTTP_BAD_REQUEST) { /* This supplies additional information for the default message. */ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - lookup.err.desc); + "%s", lookup.err.desc); return HTTP_BAD_REQUEST; } @@ -3684,7 +3684,7 @@ static int dav_method_update(request_rec *r) if (lookup.err.status == HTTP_BAD_REQUEST) { /* This supplies additional information for the default message. */ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - lookup.err.desc); + "%s", lookup.err.desc); return HTTP_BAD_REQUEST; } @@ -4147,7 +4147,7 @@ static int dav_method_merge(request_rec *r) if (lookup.err.status == HTTP_BAD_REQUEST) { /* This supplies additional information for the default message. */ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - lookup.err.desc); + "%s", lookup.err.desc); return HTTP_BAD_REQUEST; } @@ -4269,7 +4269,7 @@ static int dav_method_bind(request_rec *r) if (lookup.err.status == HTTP_BAD_REQUEST) { /* This supplies additional information for the default message. */ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - lookup.err.desc); + "%s", lookup.err.desc); return HTTP_BAD_REQUEST; } else if (lookup.err.status == HTTP_BAD_GATEWAY) { -- 2.40.0