arrfab / rpms / httpd

Forked from rpms/httpd 5 years ago
Clone

Blame SOURCES/httpd-2.4.6-r1533448.patch

0943f8
Index: modules/dav/fs/repos.c
0943f8
===================================================================
0943f8
--- a/modules/dav/fs/repos.c	(revision 1533447)
0943f8
+++ b/modules/dav/fs/repos.c	(revision 1533448)
0943f8
@@ -717,13 +717,13 @@
0943f8
     resource->pool = r->pool;
0943f8
 
0943f8
     /* make sure the URI does not have a trailing "/" */
0943f8
-    len = strlen(r->uri);
0943f8
-    if (len > 1 && r->uri[len - 1] == '/') {
0943f8
-        s = apr_pstrmemdup(r->pool, r->uri, len-1);
0943f8
+    len = strlen(r->unparsed_uri);
0943f8
+    if (len > 1 && r->unparsed_uri[len - 1] == '/') {
0943f8
+        s = apr_pstrmemdup(r->pool, r->unparsed_uri, len-1);
0943f8
         resource->uri = s;
0943f8
     }
0943f8
     else {
0943f8
-        resource->uri = r->uri;
0943f8
+        resource->uri = r->unparsed_uri;
0943f8
     }
0943f8
 
0943f8
     if (r->finfo.filetype != APR_NOFILE) {
0943f8
@@ -1482,6 +1482,18 @@
0943f8
     return dav_fs_deleteset(info->pool, resource);
0943f8
 }
0943f8
 
0943f8
+/* Take an unescaped path component and escape it and append it onto a
0943f8
+ * dav_buffer for a URI */
0943f8
+static apr_size_t dav_fs_append_uri(apr_pool_t *p, dav_buffer *pbuf,
0943f8
+                                    const char *path, apr_size_t pad)
0943f8
+{
0943f8
+    const char *epath = ap_escape_uri(p, path);
0943f8
+    apr_size_t epath_len = strlen(epath);
0943f8
+
0943f8
+    dav_buffer_place_mem(p, pbuf, epath, epath_len + 1, pad);
0943f8
+    return epath_len;
0943f8
+}
0943f8
+
0943f8
 /* ### move this to dav_util? */
0943f8
 /* Walk recursively down through directories, *
0943f8
  * including lock-null resources as we go.    */
0943f8
@@ -1537,6 +1549,7 @@
0943f8
     }
0943f8
     while ((apr_dir_read(&dirent, APR_FINFO_DIRENT, dirp)) == APR_SUCCESS) {
0943f8
         apr_size_t len;
0943f8
+        apr_size_t escaped_len;
0943f8
 
0943f8
         len = strlen(dirent.name);
0943f8
 
0943f8
@@ -1579,7 +1592,7 @@
0943f8
 
0943f8
         /* copy the file to the URI, too. NOTE: we will pad an extra byte
0943f8
            for the trailing slash later. */
0943f8
-        dav_buffer_place_mem(pool, &fsctx->uri_buf, dirent.name, len + 1, 1);
0943f8
+        escaped_len = dav_fs_append_uri(pool, &fsctx->uri_buf, dirent.name, 1);
0943f8
 
0943f8
         /* if there is a secondary path, then do that, too */
0943f8
         if (fsctx->path2.buf != NULL) {
0943f8
@@ -1612,7 +1625,7 @@
0943f8
             fsctx->path2.cur_len += len;
0943f8
 
0943f8
             /* adjust URI length to incorporate subdir and a slash */
0943f8
-            fsctx->uri_buf.cur_len += len + 1;
0943f8
+            fsctx->uri_buf.cur_len += escaped_len + 1;
0943f8
             fsctx->uri_buf.buf[fsctx->uri_buf.cur_len - 1] = '/';
0943f8
             fsctx->uri_buf.buf[fsctx->uri_buf.cur_len] = '\0';
0943f8
 
0943f8
@@ -1678,8 +1691,8 @@
0943f8
             */
0943f8
             dav_buffer_place_mem(pool, &fsctx->path1,
0943f8
                                  fsctx->locknull_buf.buf + offset, len + 1, 0);
0943f8
-            dav_buffer_place_mem(pool, &fsctx->uri_buf,
0943f8
-                                 fsctx->locknull_buf.buf + offset, len + 1, 0);
0943f8
+            dav_fs_append_uri(pool, &fsctx->uri_buf,
0943f8
+                              fsctx->locknull_buf.buf + offset, 0);
0943f8
             if (fsctx->path2.buf != NULL) {
0943f8
                 dav_buffer_place_mem(pool, &fsctx->path2,
0943f8
                                      fsctx->locknull_buf.buf + offset,
0943f8
Index: modules/dav/main/mod_dav.c
0943f8
===================================================================
0943f8
--- a/modules/dav/main/mod_dav.c	(revision 1533447)
0943f8
+++ b/modules/dav/main/mod_dav.c	(revision 1533448)
0943f8
@@ -396,11 +396,9 @@
0943f8
  */
0943f8
 static const char *dav_xml_escape_uri(apr_pool_t *p, const char *uri)
0943f8
 {
0943f8
-    const char *e_uri = ap_escape_uri(p, uri);
0943f8
-
0943f8
     /* check the easy case... */
0943f8
-    if (ap_strchr_c(e_uri, '&') == NULL)
0943f8
-        return e_uri;
0943f8
+    if (ap_strchr_c(uri, '&') == NULL)
0943f8
+        return uri;
0943f8
 
0943f8
     /* there was a '&', so more work is needed... sigh. */
0943f8
 
0943f8
@@ -408,7 +406,7 @@
0943f8
      * Note: this is a teeny bit of overkill since we know there are no
0943f8
      * '<' or '>' characters, but who cares.
0943f8
      */
0943f8
-    return apr_xml_quote_string(p, e_uri, 0);
0943f8
+    return apr_xml_quote_string(p, uri, 0);
0943f8
 }
0943f8
 
0943f8
 
0943f8
@@ -604,7 +602,8 @@
0943f8
     return DONE;
0943f8
 }
0943f8
 
0943f8
-/* handy function for return values of methods that (may) create things */
0943f8
+/* handy function for return values of methods that (may) create things.
0943f8
+ * locn if provided is assumed to be escaped. */
0943f8
 static int dav_created(request_rec *r, const char *locn, const char *what,
0943f8
                        int replaced)
0943f8
 {
0943f8
@@ -612,8 +611,6 @@
0943f8
 
0943f8
     if (locn == NULL) {
0943f8
         locn = r->unparsed_uri;
0943f8
-    } else {
0943f8
-        locn = ap_escape_uri(r->pool, locn);
0943f8
     }
0943f8
 
0943f8
     /* did the target resource already exist? */
0943f8
@@ -3004,7 +3001,7 @@
0943f8
     }
0943f8
 
0943f8
     /* return an appropriate response (HTTP_CREATED or HTTP_NO_CONTENT) */
0943f8
-    return dav_created(r, lookup.rnew->uri, "Destination",
0943f8
+    return dav_created(r, lookup.rnew->unparsed_uri, "Destination",
0943f8
                        resnew_state == DAV_RESOURCE_EXISTS);
0943f8
 }
0943f8
 
0943f8
@@ -4610,7 +4607,7 @@
0943f8
 
0943f8
     /* return an appropriate response (HTTP_CREATED) */
0943f8
     /* ### spec doesn't say what happens when destination was replaced */
0943f8
-    return dav_created(r, lookup.rnew->uri, "Binding", 0);
0943f8
+    return dav_created(r, lookup.rnew->unparsed_uri, "Binding", 0);
0943f8
 }
0943f8
 
0943f8
 
0943f8
Index: modules/dav/main/mod_dav.h
0943f8
===================================================================
0943f8
--- a/modules/dav/main/mod_dav.h	(revision 1533447)
0943f8
+++ b/modules/dav/main/mod_dav.h	(revision 1533448)
0943f8
@@ -386,7 +386,7 @@
0943f8
                          * REGULAR and WORKSPACE resources,
0943f8
                          * and is always 1 for WORKING */
0943f8
 
0943f8
-    const char *uri;    /* the URI for this resource */
0943f8
+    const char *uri;    /* the escaped URI for this resource */
0943f8
 
0943f8
     dav_resource_private *info;         /* the provider's private info */
0943f8