From ddabe66f5e8fc9684b9c7b2e253aac4605fd3bb5 Mon Sep 17 00:00:00 2001
From: Eric Covener <covener@apache.org>
Date: Thu, 29 Nov 2012 00:24:44 +0000
Subject: [PATCH] PR54222: catch invalid ServerTokens args

Submitted by: Jackie Zhang  <jackie.qq.zhang gmail.com>
Reviewed/modified by: covener



git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1415008 13f79535-47bb-0310-9956-ffa450edef68
---
 CHANGES       | 3 +++
 server/core.c | 5 ++++-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/CHANGES b/CHANGES
index 9e0d080c24..3522152c0b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.0
 
+  *) core: Fail startup if the argument to ServerTokens is unrecognized.
+     [Jackie Zhang  <jackie.qq.zhang gmail.com>]
+
   *) mod_log_forensic: Don't log a spurious "-" if a request has been rejected
      before mod_log_forensic could attach its id to it. [Stefan Fritsch]
 
diff --git a/server/core.c b/server/core.c
index c6c47d3360..65bdff0de8 100644
--- a/server/core.c
+++ b/server/core.c
@@ -3234,9 +3234,12 @@ static const char *set_serv_tokens(cmd_parms *cmd, void *dummy,
     else if (!strcasecmp(arg1, "Prod") || !strcasecmp(arg1, "ProductOnly")) {
         ap_server_tokens = SrvTk_PRODUCT_ONLY;
     }
-    else {
+    else if (!strcasecmp(arg1, "Full")) { 
         ap_server_tokens = SrvTk_FULL;
     }
+    else { 
+        return "ServerTokens takes 1 argument, 'Min', 'Major', 'Minor', 'Prod', or 'Full'";
+    }
 
     return NULL;
 }
-- 
2.49.0