mirror of
https://github.com/apache/httpd.git
synced 2025-08-08 15:02:10 +03:00
* modules/proxy/proxy_util.c (ap_proxy_checkproxyblock): Fix memory
leak/thread-unsafe use of pconf. Submitted by: rpluem, jorton git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1365020 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Joe Orton
3
CHANGES
3
CHANGES
@@ -1,6 +1,9 @@
|
|||||||
-*- coding: utf-8 -*-
|
-*- coding: utf-8 -*-
|
||||||
Changes with Apache 2.5.0
|
Changes with Apache 2.5.0
|
||||||
|
|
||||||
|
*) mod_proxy: Fix memory leak or possible corruption in ProxyBlock
|
||||||
|
implementation. [Ruediger Pluem, Joe Orton]
|
||||||
|
|
||||||
*) mod_proxy: Check hostname from request URI against ProxyBlock list,
|
*) mod_proxy: Check hostname from request URI against ProxyBlock list,
|
||||||
not forward proxy, if ProxyRemote* is configured. [Joe Orton]
|
not forward proxy, if ProxyRemote* is configured. [Joe Orton]
|
||||||
|
|
||||||
|
|||||||
@@ -759,6 +759,8 @@ static int proxy_match_word(struct dirconn_entry *This, request_rec *r)
|
|||||||
return host != NULL && ap_strstr_c(host, This->name) != NULL;
|
return host != NULL && ap_strstr_c(host, This->name) != NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#define MAX_IP_STR_LEN (46)
|
||||||
|
|
||||||
PROXY_DECLARE(int) ap_proxy_checkproxyblock(request_rec *r, proxy_server_conf *conf,
|
PROXY_DECLARE(int) ap_proxy_checkproxyblock(request_rec *r, proxy_server_conf *conf,
|
||||||
const char *hostname, apr_sockaddr_t *addr)
|
const char *hostname, apr_sockaddr_t *addr)
|
||||||
{
|
{
|
||||||
@@ -788,19 +790,19 @@ PROXY_DECLARE(int) ap_proxy_checkproxyblock(request_rec *r, proxy_server_conf *c
|
|||||||
|
|
||||||
while (conf_addr) {
|
while (conf_addr) {
|
||||||
apr_sockaddr_t *uri_addr = addr;
|
apr_sockaddr_t *uri_addr = addr;
|
||||||
|
char caddr[MAX_IP_STR_LEN], uaddr[MAX_IP_STR_LEN];
|
||||||
|
|
||||||
|
apr_sockaddr_ip_getbuf(caddr, sizeof caddr, conf_addr);
|
||||||
|
|
||||||
while (uri_addr) {
|
while (uri_addr) {
|
||||||
char *conf_ip;
|
apr_sockaddr_ip_getbuf(uaddr, sizeof uaddr, uri_addr);
|
||||||
char *uri_ip;
|
|
||||||
apr_sockaddr_ip_get(&conf_ip, conf_addr);
|
|
||||||
apr_sockaddr_ip_get(&uri_ip, uri_addr);
|
|
||||||
ap_log_rerror(APLOG_MARK, APLOG_TRACE2, 0, r,
|
ap_log_rerror(APLOG_MARK, APLOG_TRACE2, 0, r,
|
||||||
"ProxyBlock comparing %s and %s", conf_ip,
|
"ProxyBlock comparing %s and %s", caddr,
|
||||||
uri_ip);
|
uaddr);
|
||||||
if (!apr_strnatcasecmp(conf_ip, uri_ip)) {
|
if (!strcmp(caddr, uaddr)) {
|
||||||
ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(00917)
|
ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(00917)
|
||||||
"connect to remote machine %s blocked: "
|
"connect to remote machine %s blocked: "
|
||||||
"IP %s matched", hostname, conf_ip);
|
"IP %s matched", hostname, caddr);
|
||||||
return HTTP_FORBIDDEN;
|
return HTTP_FORBIDDEN;
|
||||||
}
|
}
|
||||||
uri_addr = uri_addr->next;
|
uri_addr = uri_addr->next;
|
||||||
|
|||||||
Reference in New Issue
Block a user