From de0ff1a55f8ef81c6459baa0ec6a1f03d0375d91 Mon Sep 17 00:00:00 2001 From: Gregg Lewis Smith Date: Sat, 24 Jun 2017 05:49:45 +0000 Subject: [PATCH] Send a 404 response like other OSs do instead of 403 on Windows when a path segment or file requested uses a reserved word so Windows cannot be fingerprinted. PR55887 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1799731 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 4 ++++ server/request.c | 15 +++++++++++++++ 2 files changed, 19 insertions(+) diff --git a/CHANGES b/CHANGES index 20972870d3..1c2a980c53 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,10 @@ -*- coding: utf-8 -*- Changes with Apache 2.5.0 + *) core: Send a 404 response like other OSs do instead of 403 on Windows + when a path segment or file requested uses a reserved word so Windows + cannot be fingerprinted. PR55887 [Gregg Smith] + *) mod_rewrite: Add 'RewriteOptions LongURLOptimization' to free memory from each set of unmatched rewrite conditions. [Eric Covener] diff --git a/server/request.c b/server/request.c index 55c32b276b..df48efdb4b 100644 --- a/server/request.c +++ b/server/request.c @@ -1211,10 +1211,25 @@ AP_DECLARE(int) ap_directory_walk(request_rec *r) break; } else if (thisinfo.filetype != APR_DIR) { +#ifdef _WIN32 + ap_regex_t *preg; +#endif ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(00038) "Forbidden: %s doesn't point to " "a file or directory", r->filename); +#ifdef _WIN32 + /* Windows has a number of reserved words that cannot be used + * as a file or directory name so thisinfo.filetype will + * always be != APR_DIR. Don't allow us be fingerprinted with + * a 403 and instead send a 404 like other OSs would. PR55887 + */ + preg = ap_pregcomp(r->pool, + "/(aux|con|com[1-9]|lpt[1-9]|nul|prn)" + "($|/|.)", AP_REG_EXTENDED | AP_REG_ICASE); + if (ap_regexec(preg, r->uri, 0, NULL, 0) == 0) + return r->status = HTTP_NOT_FOUND; +#endif return r->status = HTTP_FORBIDDEN; } -- 2.40.0