summaryrefslogtreecommitdiffstats
path: root/debian/patches/CVE-2021-36160-2.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/CVE-2021-36160-2.patch')
-rw-r--r--debian/patches/CVE-2021-36160-2.patch32
1 files changed, 32 insertions, 0 deletions
diff --git a/debian/patches/CVE-2021-36160-2.patch b/debian/patches/CVE-2021-36160-2.patch
new file mode 100644
index 0000000..cad5774
--- /dev/null
+++ b/debian/patches/CVE-2021-36160-2.patch
@@ -0,0 +1,32 @@
+Description: mod_proxy_uwsgi: Remove duplicate slashes at the beginning of PATH_INFO.
+ Relaxes the behaviour introduced by the CVE-2021-36160 fix
+Author: Stefan Eissing <icing@apache.org>
+Origin: upstream, https://github.com/apache/httpd/commit/8966e290a
+Forwarded: not-needed
+Reviewed-By: Yadd <yadd@debian.org>
+Last-Update: 2021-12-21
+
+--- a/modules/proxy/mod_proxy_uwsgi.c
++++ b/modules/proxy/mod_proxy_uwsgi.c
+@@ -467,11 +467,20 @@
+
+ /* ADD PATH_INFO (unescaped) */
+ u_path_info = ap_strchr(url + sizeof(UWSGI_SCHEME) + 2, '/');
+- if (!u_path_info || ap_unescape_url(u_path_info) != OK) {
++ if (!u_path_info) {
++ u_path_info = apr_pstrdup(r->pool, "/");
++ }
++ else if (ap_unescape_url(u_path_info) != OK) {
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10100)
+ "unable to decode uwsgi uri: %s", url);
+ return HTTP_INTERNAL_SERVER_ERROR;
+ }
++ else {
++ /* Remove duplicate slashes at the beginning of PATH_INFO */
++ while (u_path_info[1] == '/') {
++ u_path_info++;
++ }
++ }
+ apr_table_add(r->subprocess_env, "PATH_INFO", u_path_info);
+
+
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-22 19:59:04 +0000