/[apache]/trunk/dist/2.2/patches/25_all-apply_to_2.2.21-CVE-2011-3368.patch




Revision 239
Tue Oct 18 06:12:18 2011 UTC (2 years, 10 months ago) by pva
File size: 1123 byte(s)
Patch to fix Reverse Proxy Mode Security Bypass (CVE-2011-3368).
1 pva 239
2     SECURITY (CVE-2011-3368): Prevent unintended pattern expansion in some
3     reverse proxy configurations by strictly validating the request-URI.
4    
5     http://svn.apache.org/viewvc?rev=1179239&view=rev
6    
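--- httpd-2.2.21/server/protocol.c
+++ httpd-2.2.21/server/protocol.c
@@ -640,6 +640,25 @@
 
 ap_parse_uri(r, uri);
 
+ /* RFC 2616:
+ * Request-URI = "*" | absoluteURI | abs_path | authority
+ *
+ * authority is a special case for CONNECT. If the request is not
+ * using CONNECT, and the parsed URI does not have scheme, and
+ * it does not begin with '/', and it is not '*', then, fail
+ * and give a 400 response. */
+ if (r->method_number != M_CONNECT
+ && !r->parsed_uri.scheme
+ && uri[0] != '/'
+ && !(uri[0] == '*' && uri[1] == '\0')) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
+ "invalid request-URI %s", uri);
+ r->args = NULL;
+ r->hostname = NULL;
+ r->status = HTTP_BAD_REQUEST;
+ r->uri = apr_pstrdup(r->pool, uri);
+ }
+
 if (ll[0]) {
 r->assbackwards = 0;
 pro = ll;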
