From f56bd9c539367865c061d7b077a07fff6c615c9c Mon Sep 17 00:00:00 2001 From: Bill Stoddard Date: Mon, 22 Apr 2002 03:25:40 +0000 Subject: [PATCH] Added the APLOG_TOCLIENT flag to ap_log_rerror() to explicitly tell the server that warning messages should be sent to the client in addition to being recorded in the error log. Prior to this change, ap_log_rerror() always sent warning messages to the client. In one case, a faulty CGI script caused the server to send a warning message to the client that contained the full path to the CGI script. This could be considered a minor security exposure. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94744 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 8 ++++++++ include/http_log.h | 5 +++++ server/log.c | 10 +++++----- server/util_script.c | 10 ++++++---- 4 files changed, 24 insertions(+), 9 deletions(-) diff --git a/CHANGES b/CHANGES index 5f9a875e04..bcd711c8f1 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,12 @@ Changes with Apache 2.0.36 + *) [Security] Added the APLOG_TOCLIENT flag to ap_log_rerror() to + explicitly tell the server that warning messages should be sent + to the client in addition to being recorded in the error log. + Prior to this change, ap_log_rerror() always sent warning + messages to the client. In one case, a faulty CGI script caused + the server to send a warning message to the client that contained + the full path to the CGI script. This could be considered a + minor security exposure. [Bill Stoddard] *) mod_autoindex output when SuppressRules was specified would omit the first carriage return so the first item in the list diff --git a/include/http_log.h b/include/http_log.h index d5f39db3da..68feb2edae 100644 --- a/include/http_log.h +++ b/include/http_log.h @@ -104,6 +104,11 @@ extern "C" { #define APLOG_NOERRNO (APLOG_LEVELMASK + 1) +/* Use APLOG_TOCLIENT to cause ap_log_rerror() to send the message + * to the client in addition to recording it to the error log. + */ +#define APLOG_TOCLIENT (APLOG_LEVELMASK + 2) + /* normal but significant condition on startup, usually printed to stderr */ #define APLOG_STARTUP ((APLOG_LEVELMASK + 1) * 4) diff --git a/server/log.c b/server/log.c index d6adc33917..fd2ed35ae6 100644 --- a/server/log.c +++ b/server/log.c @@ -556,16 +556,16 @@ AP_DECLARE(void) ap_log_rerror(const char *file, int line, int level, log_error_core(file, line, level, status, r->server, r, NULL, fmt, args); /* - * IF the error level is 'warning' or more severe, + * IF APLOG_TOCLIENT is set, + * AND the error level is 'warning' or more severe, * AND there isn't already error text associated with this request, * THEN make the message text available to ErrorDocument and - * other error processors. This can be disabled by stuffing - * something, even an empty string, into the "error-notes" cell - * before calling this routine. + * other error processors. */ va_end(args); va_start(args,fmt); - if (((level & APLOG_LEVELMASK) <= APLOG_WARNING) + if ((level & APLOG_TOCLIENT) + && ((level & APLOG_LEVELMASK) <= APLOG_WARNING) && (apr_table_get(r->notes, "error-notes") == NULL)) { apr_table_setn(r->notes, "error-notes", ap_escape_html(r->pool, apr_pvsprintf(r->pool, fmt, diff --git a/server/util_script.c b/server/util_script.c index 0b9521f85f..56a316628b 100644 --- a/server/util_script.c +++ b/server/util_script.c @@ -455,8 +455,9 @@ AP_DECLARE(int) ap_scan_script_header_err_core(request_rec *r, char *buffer, while (1) { if ((*getsfunc) (w, MAX_STRING_LEN - 1, getsfunc_data) == 0) { - ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r, - "Premature end of script headers: %s", r->filename); + ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR|APLOG_TOCLIENT, 0, r, + "Premature end of script headers: %s", + apr_filename_of_pathname(r->filename)); return HTTP_INTERNAL_SERVER_ERROR; } @@ -547,8 +548,9 @@ AP_DECLARE(int) ap_scan_script_header_err_core(request_rec *r, char *buffer, } } - ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, 0, r, - "%s: %s", malformed, r->filename); + ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR|APLOG_TOCLIENT, 0, r, + "%s: %s", malformed, + apr_filename_of_pathname(r->filename)); return HTTP_INTERNAL_SERVER_ERROR; } -- 2.40.0