source: trunk/server/common/patches/httpd-2.2.x-CVE-2010-0434.patch @ 1505

Last change on this file since 1505 was 1505, checked in by mitchb, 13 years ago
CVE-2010-0434: Putting the "Patch" in "Apache" since... well, 2010
File size: 1.8 KB
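--- a/httpd-2.2.x/server/protocol.c
+++ b/httpd-2.2.x/server/protocol.c
@@ -1041,15 +1041,13 @@
     return r;
 }
 
-/* if a request with a body creates a subrequest, clone the original request's
- * input headers minus any headers pertaining to the body which has already
- * been read.  out-of-line helper function for ap_set_sub_req_protocol.
+/* if a request with a body creates a subrequest, remove original request's
+ * input headers which pertain to the body which has already been read.
+ * out-of-line helper function for ap_set_sub_req_protocol.
  */
 
-static void clone_headers_no_body(request_rec *rnew,
-                                  const request_rec *r)
+static void strip_headers_request_body(request_rec *rnew)
 {
-    rnew->headers_in = apr_table_copy(rnew->pool, r->headers_in);
     apr_table_unset(rnew->headers_in, "Content-Encoding");
     apr_table_unset(rnew->headers_in, "Content-Language");
     apr_table_unset(rnew->headers_in, "Content-Length");
@@ -1083,15 +1081,14 @@
 
     rnew->status          = HTTP_OK;
 
+    rnew->headers_in = apr_table_copy(rnew->pool, r->headers_in);
+
     /* did the original request have a body?  (e.g. POST w/SSI tags)
      * if so, make sure the subrequest doesn't inherit body headers
      */
     if (apr_table_get(r->headers_in, "Content-Length")
         || apr_table_get(r->headers_in, "Transfer-Encoding")) {
-        clone_headers_no_body(rnew, r);
-    } else {
-        /* no body (common case).  clone headers the cheap way */
-        rnew->headers_in      = r->headers_in;
+        strip_headers_request_body(rnew);
     }
     rnew->subprocess_env  = apr_table_copy(rnew->pool, r->subprocess_env);
     rnew->headers_out     = apr_table_make(rnew->pool, 5);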
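Review bot: The added `rnew->headers_in = apr_table_copy(rnew->pool, r->headers_in);` in the second hunk has no comment saying why the copy is now unconditional, while the branch it replaces described sharing the parent's table as the cheap common case. With the old `rnew->headers_in = r->headers_in;` any header the subrequest set or unset was applied to the parent request's own table, and presumably could leave values allocated from the subrequest's pool in that table after the pool is gone, which would fit the CVE named in the commit title. I would put `/* always give the subrequest a private copy of headers_in from its own pool; never alias r->headers_in (CVE-2010-0434) */` above that line so the aliasing is not reintroduced later as an optimization. The body of strip_headers_request_body and the function enclosing the second hunk (ap_set_sub_req_protocol, going by the helper's comment) both extend beyond the lines shown.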