75fd8aa481
- normalize patch-pcre.diff into makepatch format - All 4 CVE patches are included upstream and part of 2.0.64 - part of the local apxs.in changes are upstream now too - some patches were regenerated for offset updates ** There is NO security update here. ** Changes: http://www.apache.org/dist/httpd/CHANGES_2.0 With Hat: apache@ <ChangeLog> *) SECURITY: CVE-2010-1452 (cve.mitre.org) mod_dav: Fix Handling of requests without a path segment. PR: 49246 [Mark Drayton, Jeff Trawick] *) SECURITY: CVE-2009-1891 (cve.mitre.org) Fix a potential Denial-of-Service attack against mod_deflate or other modules, by forcing the server to consume CPU time in compressing a large file after a client disconnects. PR 39605. [Joe Orton, Ruediger Pluem] *) SECURITY: CVE-2009-3095 (cve.mitre.org) mod_proxy_ftp: sanity check authn credentials. [Stefan Fritsch <sf fritsch.de>, Joe Orton] *) SECURITY: CVE-2009-3094 (cve.mitre.org) mod_proxy_ftp: NULL pointer dereference on error paths. [Stefan Fritsch <sf fritsch.de>, Joe Orton] *) SECURITY: CVE-2009-3555 (cve.mitre.org) mod_ssl: Comprehensive fix of the TLS renegotiation prefix injection attack when compiled against OpenSSL version 0.9.8m or later. Introduces the 'SSLInsecureRenegotiation' directive to reopen this vulnerability and offer unsafe legacy renegotiation with clients which do not yet support the new secure renegotiation protocol, RFC 5746. [Joe Orton, and with thanks to the OpenSSL Team] *) SECURITY: CVE-2009-3555 (cve.mitre.org) mod_ssl: A partial fix for the TLS renegotiation prefix injection attack for OpenSSL versions prior to 0.9.8l; reject any client-initiated renegotiations. Forcibly disable keepalive for the connection if there is any buffered data readable. Any configuration which requires renegotiation for per-directory/location access control is still vulnerable, unless using openssl 0.9.8l or later. 
[Joe Orton, Ruediger Pluem, Hartmut Keil <Hartmut.Keil adnovum.ch>, Rainer Jung] *) SECURITY: CVE-2010-0434 (cve.mitre.org) Ensure each subrequest has a shallow copy of headers_in so that the parent request headers are not corrupted. Eliminates a problematic optimization in the case of no request body. PR 48359 [Jake Scott, William Rowe, Ruediger Pluem] *) SECURITY: CVE-2008-2364 (cve.mitre.org) mod_proxy_http: Better handling of excessive interim responses from origin server to prevent potential denial of service and high memory usage. Reported by Ryujiro Shibuya. [Ruediger Pluem, Joe Orton, Jim Jagielski] *) SECURITY: CVE-2010-0425 (cve.mitre.org) mod_isapi: Do not unload an isapi .dll module until the request processing is completed, avoiding orphaned callback pointers. [Brett Gervasoni <brettg senseofsecurity.com>, Jeff Trawick] *) SECURITY: CVE-2008-2939 (cve.mitre.org) mod_proxy_ftp: Prevent XSS attacks when using wildcards in the path of the FTP URL. Discovered by Marc Bevand of Rapid7. [Ruediger Pluem] *) Fix recursive ErrorDocument handling. PR 36090 [Chris Darroch] *) mod_ssl: Do not do overlapping memcpy. PR 45444 [Joe Orton] *) Add Set-Cookie and Set-Cookie2 to the list of headers allowed to pass through on a 304 response. [Nick Kew] *) apxs: Fix -A and -a options to ignore whitespace in httpd.conf [Philip M. Gollucci] </ChangeLog>
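--- ./server/util.c.orig 2006-07-12 07:40:55.000000000 +0000
+++ ./server/util.c 2010-10-21 05:40:53.646625433 +0000
@@ -247,25 +247,25 @@
 }
 
 /*
- * Here's a pool-based interface to POSIX regex's regcomp().
- * Note that we return regex_t instead of being passed one.
- * The reason is that if you use an already-used regex_t structure,
+ * Here's a pool-based interface to the POSIX-esque ap_regcomp().
+ * Note that we return ap_regex_t instead of being passed one.
+ * The reason is that if you use an already-used ap_regex_t structure,
 * the memory that you've already allocated gets forgotten, and
 * regfree() doesn't clear it. So we don't allow it.
 */
 
 static apr_status_t regex_cleanup(void *preg)
 {
- regfree((regex_t *) preg);
+ ap_regfree((ap_regex_t *) preg);
 return APR_SUCCESS;
 }
 
-AP_DECLARE(regex_t *) ap_pregcomp(apr_pool_t *p, const char *pattern,
- int cflags)
+AP_DECLARE(ap_regex_t *) ap_pregcomp(apr_pool_t *p, const char *pattern,
+ int cflags)
 {
- regex_t *preg = apr_palloc(p, sizeof(regex_t));
+ ap_regex_t *preg = apr_palloc(p, sizeof *preg);
 
- if (regcomp(preg, pattern, cflags)) {
+ if (ap_regcomp(preg, pattern, cflags)) {
 return NULL;
 }
 
@@ -275,9 +275,9 @@
 return preg;
 }
 
-AP_DECLARE(void) ap_pregfree(apr_pool_t *p, regex_t * reg)
+AP_DECLARE(void) ap_pregfree(apr_pool_t *p, ap_regex_t *reg)
 {
- regfree(reg);
+ ap_regfree(reg);
 apr_pool_cleanup_kill(p, (void *) reg, regex_cleanup);
 }
 
@@ -344,29 +344,10 @@
 return bigstring;
 }
 
-/*
- * Apache stub function for the regex libraries regexec() to make sure the
- * whole regex(3) API is available through the Apache (exported) namespace.
- * This is especially important for the DSO situations of modules.
- * DO NOT MAKE A MACRO OUT OF THIS FUNCTION!
- */
-AP_DECLARE(int) ap_regexec(regex_t *preg, const char *string,
- size_t nmatch, regmatch_t pmatch[], int eflags)
-{
- return regexec(preg, string, nmatch, pmatch, eflags);
-}
-
-AP_DECLARE(size_t) ap_regerror(int errcode, const regex_t *preg, char *errbuf,
- size_t errbuf_size)
-{
- return regerror(errcode, preg, errbuf, errbuf_size);
-}
-
-
 /* This function substitutes for $0-$9, filling in regular expression
 * submatches. Pass it the same nmatch and pmatch arguments that you
 * passed ap_regexec(). pmatch should not be greater than the maximum number
- * of subexpressions - i.e. one more than the re_nsub member of regex_t.
+ * of subexpressions - i.e. one more than the re_nsub member of ap_regex_t.
 *
 * input should be the string with the $-expressions, source should be the
 * string that was matched against.
@@ -379,7 +360,7 @@
 
 AP_DECLARE(char *) ap_pregsub(apr_pool_t *p, const char *input,
 const char *source, size_t nmatch,
- regmatch_t pmatch[])
+ ap_regmatch_t pmatch[])
 {
 const char *src = input;
 char *dest, *dst;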
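Review bot: The block comment above regex_cleanup() still says `regfree() doesn't clear it` although the new code calls ap_regfree(), so the rationale for returning a fresh ap_regex_t names a function this file no longer uses; I would change that line to ` * ap_regfree() doesn't clear it. So we don't allow it.`. The third hunk also drops the exported ap_regexec()/ap_regerror() stubs from util.c, and their replacements are not visible here, so it is worth confirming they are still exported through AP_DECLARE elsewhere in the patch set, since the removed comment says DSO modules depend on them. Modules compiled against the old regex_t/regmatch_t prototypes presumably need a rebuild: if ap_regmatch_t is laid out differently from the system regmatch_t, ap_pregsub() would interpret the match offsets it is handed with the wrong layout. The bodies of ap_pregcomp() and ap_pregsub() continue outside the hunks.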