From ff9487248a5bc3f367eb203e942278127f38468f Mon Sep 17 00:00:00 2001 From: Chris Darroch Date: Sat, 10 May 2008 00:49:03 +0000 Subject: [PATCH] When testing for slash-terminated configuration paths in ap_location_walk(), don't look past the start of an empty string such as that created by a directive. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@654998 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 5 +++++ server/request.c | 3 ++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index af0a36e33c..1411e50d46 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,11 @@ Changes with Apache 2.3.0 [ When backported to 2.2.x, remove entry from this file ] + *) core: When testing for slash-terminated configuration paths in + ap_location_walk(), don't look past the start of an empty string + such as that created by a directive. + [Chris Darroch] + *) core, mod_proxy: If a kept_body is present, it becomes safe for subrequests to support message bodies. Make sure that safety checks within the core and within the proxy are not triggered diff --git a/server/request.c b/server/request.c index 5d4c9aa4b6..159d8a04af 100644 --- a/server/request.c +++ b/server/request.c @@ -1315,7 +1315,8 @@ AP_DECLARE(int) ap_location_walk(request_rec *r) : (entry_core->d_is_fnmatch ? apr_fnmatch(entry_core->d, cache->cached, APR_FNM_PATHNAME) : (strncmp(entry_core->d, cache->cached, len) - || (entry_core->d[len - 1] != '/' + || (len > 0 + && entry_core->d[len - 1] != '/' && cache->cached[len] != '/' && cache->cached[len] != '\0')))) { continue; -- 2.40.0