www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-11-06 16:49:32 +03:00
Code Activity
20,581 Commits 62 Branches 304 Tags
433c97df4e100b7ae76bc3db406eeb4d901b9700
Commit Graph

18 Commits

Author SHA1 Message Date
Jim Jagielski
e0d16cce4d Note for future dev.... 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1030496 13f79535-47bb-0310-9956-ffa450edef68
 2010-11-03 15:21:50 +00:00
Paul Querna
ad53d4dcbd CVE-2010-1452: Fix handling of missing path segments in the parsed URI structure. 
If a specially crafted request was sent, it is possible to crash mod_dav, 
mod_cache or mod_session, as they accessed a field that is set to NULL
by the URI parser, assuming that it always put in a valid string.

PR: 49246
Submitted by: Mark Drayton
Patch by: Jeff Trawick


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@966348 13f79535-47bb-0310-9956-ffa450edef68
 2010-07-21 18:25:01 +00:00
Stefan Fritsch
ebb62867fb Use the new APLOG_USE_MODULE/AP_DECLARE_MODULE macros everywhere to take 
advantage of per-module loglevels


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@951895 13f79535-47bb-0310-9956-ffa450edef68
 2010-06-06 16:59:50 +00:00
Graham Leggett
c48364cabc mod_session: Session expiry was being initialised, but not updated 
on each session save, resulting in timed out sessions when there
should not have been. Fixed.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@905490 13f79535-47bb-0310-9956-ffa450edef68
 2010-02-02 01:18:36 +00:00
Graham Leggett
b890238ef4 mod_session.c: Prevent a segfault when session is added but not 
configured.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@814327 13f79535-47bb-0310-9956-ffa450edef68
 2009-09-13 14:59:28 +00:00
Graham Leggett
2a63c6013f Remove stray trailing whitespace from mod_session.c. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@814325 13f79535-47bb-0310-9956-ffa450edef68
 2009-09-13 14:56:07 +00:00
Ruediger Pluem
dd3067baac * Prevent a segfault when a CGI script sets a cookie with a null value. 
Submitted by: David Shane Holden <dpejesh apache.org>
Reviewed by: rpluem


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@678160 13f79535-47bb-0310-9956-ffa450edef68
 2008-07-19 14:00:23 +00:00
William A. Rowe Jr
acd6d4f502 You don't export the local registered functions 
when using optional fn's and hooks.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@664224 13f79535-47bb-0310-9956-ffa450edef68
 2008-06-07 00:59:04 +00:00
William A. Rowe Jr
11e672a797 mod_session has a different scope than the core. 
Replace the nonsense (see modules such as mod_dav,
mod_cache etc for similar examples).

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@664165 13f79535-47bb-0310-9956-ffa450edef68
 2008-06-06 22:29:58 +00:00
Graham Leggett
563761538e Be defensive to ensure no segfault should the session entries table 
not be initialised.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@649111 13f79535-47bb-0310-9956-ffa450edef68
 2008-04-17 14:01:21 +00:00
Graham Leggett
6919d5d261 Change the directives within the mod_session* modules to be valid 
both inside and outside the location/directory sections, as suggested
by wrowe.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@646304 13f79535-47bb-0310-9956-ffa450edef68
 2008-04-09 12:39:33 +00:00
Graham Leggett
36500032fc Insert prototypes to remove compiler warnings. [Joe Orton] 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@646126 13f79535-47bb-0310-9956-ffa450edef68
 2008-04-08 23:12:12 +00:00
Ruediger Pluem
3bd88fb853 * Fix eol-style property. 
Changes to mod_session.c only fix line endings again. No functional
  changes.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@645923 13f79535-47bb-0310-9956-ffa450edef68
 2008-04-08 13:49:49 +00:00
Guenter Knauf
8671e9c09c No var declarations in the middle of the code. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@645877 13f79535-47bb-0310-9956-ffa450edef68
 2008-04-08 12:32:50 +00:00
Paul Querna
a324a1d72f Remove all references to CORE_PRIVATE. 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@645455 13f79535-47bb-0310-9956-ffa450edef68
 2008-04-07 10:45:43 +00:00
Graham Leggett
3e0bf1c8a1 Rename the ap_escape_path_segment_b function as suggested by 
Ruediger Pluem (left off commit r645120 by accident).


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@645132 13f79535-47bb-0310-9956-ffa450edef68
 2008-04-05 16:30:44 +00:00
Graham Leggett
f10397f26c Make sure we protect ourselves against the session being NULL, which it will be 
if no session is configured.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@645112 13f79535-47bb-0310-9956-ffa450edef68
 2008-04-05 15:05:15 +00:00
Graham Leggett
2b7c89aab4 mod_session: Add a generic session interface to unify the different 
attempts at saving persistent sessions across requests.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@644746 13f79535-47bb-0310-9956-ffa450edef68
 2008-04-04 15:58:15 +00:00