summaryrefslogtreecommitdiffstats
path: root/debian/patches/CVE-2021-40438.patch
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-25 04:41:28 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-25 04:41:28 +0000
commit2eeb62e38ae17a3523ad3cd81c3de9f20f9e7742 (patch)
treefe91033d4712f6d836006b998525656b9dd193b8 /debian/patches/CVE-2021-40438.patch
parentMerging upstream version 2.4.59. (diff)
downloadapache2-1b9588a34525d60065da3828773ba1c84c8cbcd0.tar.xz
apache2-1b9588a34525d60065da3828773ba1c84c8cbcd0.zip
Adding debian version 2.4.59-1~deb10u1.debian/2.4.59-1_deb10u1debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/patches/CVE-2021-40438.patch')
-rw-r--r--debian/patches/CVE-2021-40438.patch124
1 files changed, 0 insertions, 124 deletions
diff --git a/debian/patches/CVE-2021-40438.patch b/debian/patches/CVE-2021-40438.patch
deleted file mode 100644
index 8cf60a7..0000000
--- a/debian/patches/CVE-2021-40438.patch
+++ /dev/null
@@ -1,124 +0,0 @@
-Description: Backport of the following patches:
-Origin: upstream,
- https://github.com/apache/httpd/commit/496c863776c68bd08cdbeb7d8fa5935ba63b76c2
- https://github.com/apache/httpd/commit/d4901cb32133bc0e59ad193a29d1665597080d67
- https://github.com/apache/httpd/commit/81a8b0133b46c4cf7dfc4b5476ad46eb34aa0a5c
- https://github.com/apache/httpd/commit/6e768a811c59ca6a0769b72681aaef381823339f
-Forwarded: not-needed
-Reviewed-By: Moritz Muehlenhoff <jmm@inutil.org>
-Last-Update: 2021-09-30
-
---- a/modules/mappers/mod_rewrite.c
-+++ b/modules/mappers/mod_rewrite.c
-@@ -620,6 +620,13 @@
- return 6;
- }
- break;
-+
-+ case 'u':
-+ case 'U':
-+ if (!ap_cstr_casecmpn(uri, "nix:", 4)) { /* unix: */
-+ *sqs = 1;
-+ return (uri[4] == '/' && uri[5] == '/') ? 7 : 5;
-+ }
- }
-
- return 0;
---- a/modules/proxy/mod_proxy.c
-+++ b/modules/proxy/mod_proxy.c
-@@ -1690,7 +1690,7 @@
- * the UDS path... ignore it
- */
- if (!strncasecmp(url, "unix:", 5) &&
-- ((ptr = ap_strchr_c(url, '|')) != NULL)) {
-+ ((ptr = ap_strchr_c(url + 5, '|')) != NULL)) {
- /* move past the 'unix:...|' UDS path info */
- const char *ret, *c;
-
---- a/modules/proxy/proxy_util.c
-+++ b/modules/proxy/proxy_util.c
-@@ -2077,33 +2077,43 @@
- * were passed a UDS url (eg: from mod_proxy) and adjust uds_path
- * as required.
- */
--static void fix_uds_filename(request_rec *r, char **url)
-+static int fix_uds_filename(request_rec *r, char **url)
- {
-- char *ptr, *ptr2;
-- if (!r || !r->filename) return;
-+ char *uds_url = r->filename + 6, *origin_url;
-
- if (!strncmp(r->filename, "proxy:", 6) &&
-- (ptr2 = ap_strcasestr(r->filename, "unix:")) &&
-- (ptr = ap_strchr(ptr2, '|'))) {
-+ !ap_cstr_casecmpn(uds_url, "unix:", 5) &&
-+ (origin_url = ap_strchr(uds_url + 5, '|'))) {
-+ char *uds_path = NULL;
-+ apr_size_t url_len;
- apr_uri_t urisock;
- apr_status_t rv;
-- *ptr = '\0';
-- rv = apr_uri_parse(r->pool, ptr2, &urisock);
-- if (rv == APR_SUCCESS) {
-- char *rurl = ptr+1;
-- char *sockpath = ap_runtime_dir_relative(r->pool, urisock.path);
-- apr_table_setn(r->notes, "uds_path", sockpath);
-- *url = apr_pstrdup(r->pool, rurl); /* so we get the scheme for the uds */
-- /* r->filename starts w/ "proxy:", so add after that */
-- memmove(r->filename+6, rurl, strlen(rurl)+1);
-- ap_log_rerror(APLOG_MARK, APLOG_TRACE2, 0, r,
-- "*: rewrite of url due to UDS(%s): %s (%s)",
-- sockpath, *url, r->filename);
-+
-+ *origin_url = '\0';
-+ rv = apr_uri_parse(r->pool, uds_url, &urisock);
-+ *origin_url++ = '|';
-+
-+ if (rv == APR_SUCCESS && urisock.path && (!urisock.hostname
-+ || !urisock.hostname[0])) {
-+ uds_path = ap_runtime_dir_relative(r->pool, urisock.path);
- }
-- else {
-- *ptr = '|';
-+ if (!uds_path) {
-+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10292)
-+ "Invalid proxy UDS filename (%s)", r->filename);
-+ return 0;
- }
-+ apr_table_setn(r->notes, "uds_path", uds_path);
-+
-+ /* Remove the UDS path from *url and r->filename */
-+ url_len = strlen(origin_url);
-+ *url = apr_pstrmemdup(r->pool, origin_url, url_len);
-+ memcpy(uds_url, *url, url_len + 1);
-+
-+ ap_log_rerror(APLOG_MARK, APLOG_TRACE2, 0, r,
-+ "*: rewrite of url due to UDS(%s): %s (%s)",
-+ uds_path, *url, r->filename);
- }
-+ return 1;
- }
-
- PROXY_DECLARE(int) ap_proxy_pre_request(proxy_worker **worker,
-@@ -2121,7 +2131,9 @@
- "%s: found worker %s for %s",
- (*worker)->s->scheme, (*worker)->s->name, *url);
- *balancer = NULL;
-- fix_uds_filename(r, url);
-+ if (!fix_uds_filename(r, url)) {
-+ return HTTP_INTERNAL_SERVER_ERROR;
-+ }
- access_status = OK;
- }
- else if (r->proxyreq == PROXYREQ_PROXY) {
-@@ -2152,7 +2164,9 @@
- * regarding the Connection header in the request.
- */
- apr_table_setn(r->subprocess_env, "proxy-nokeepalive", "1");
-- fix_uds_filename(r, url);
-+ if (!fix_uds_filename(r, url)) {
-+ return HTTP_INTERNAL_SERVER_ERROR;
-+ }
- }
- }
- }