Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
apache2
apache2-CVE-2017-15715.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File apache2-CVE-2017-15715.patch of Package apache2
Index: httpd-2.4.16/include/ap_regex.h =================================================================== --- httpd-2.4.16.orig/include/ap_regex.h 2014-01-05 17:14:26.000000000 +0100 +++ httpd-2.4.16/include/ap_regex.h 2018-03-29 09:53:24.093906077 +0200 @@ -77,6 +77,8 @@ extern "C" { #define AP_REG_NOMEM 0x20 /* nomem in our code */ #define AP_REG_DOTALL 0x40 /* perl's /s flag */ +#define AP_REG_DOLLAR_ENDONLY 0x200 /* '$' matches at end of subject string only */ + #define AP_REG_MATCH "MATCH_" /** suggested prefix for ap_regname */ /* Error values: */ @@ -103,6 +105,26 @@ typedef struct { /* The functions */ /** + * Get default compile flags + * @return Bitwise OR of AP_REG_* flags + */ +AP_DECLARE(int) ap_regcomp_get_default_cflags(void); + +/** + * Set default compile flags + * @param cflags Bitwise OR of AP_REG_* flags + */ +AP_DECLARE(void) ap_regcomp_set_default_cflags(int cflags); + +/** + * Get the AP_REG_* corresponding to the string. + * @param name The name (i.e. AP_REG_<name>) + * @return The AP_REG_*, or zero if the string is unknown + * + */ +AP_DECLARE(int) ap_regcomp_default_cflag_by_name(const char *name); + +/** * Compile a regular expression. * @param preg Returned compiled regex * @param regex The regular expression string Index: httpd-2.4.16/server/core.c =================================================================== --- httpd-2.4.16.orig/server/core.c 2018-03-29 09:53:24.037905098 +0200 +++ httpd-2.4.16/server/core.c 2018-03-29 09:53:24.093906077 +0200 @@ -48,6 +48,7 @@ #include "mod_core.h" #include "mod_proxy.h" #include "ap_listen.h" +#include "ap_regex.h" #include "mod_so.h" /* for ap_find_loaded_module_symbol */ @@ -2709,6 +2710,58 @@ static const char *virtualhost_section(c return errmsg; } +static const char *set_regex_default_options(cmd_parms *cmd, + void *dummy, + const char *arg) +{ + const command_rec *thiscmd = cmd->cmd; + int cflags, cflag; + + const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY); + if (err != NULL) { + return err; + } + + cflags = ap_regcomp_get_default_cflags(); + while (*arg) { + const char *name = ap_getword_conf(cmd->pool, &arg); + int how = 0; + + if (strcasecmp(name, "none") == 0) { + cflags = 0; + continue; + } + + if (*name == '+') { + name++; + how = +1; + } + else if (*name == '-') { + name++; + how = -1; + } + + cflag = ap_regcomp_default_cflag_by_name(name); + if (!cflag) { + return apr_psprintf(cmd->pool, "%s: option '%s' unknown", + thiscmd->name, name); + } + + if (how > 0) { + cflags |= cflag; + } + else if (how < 0) { + cflags &= ~cflag; + } + else { + cflags = cflag; + } + } + ap_regcomp_set_default_cflags(cflags); + + return NULL; +} + static const char *set_server_alias(cmd_parms *cmd, void *dummy, const char *arg) { @@ -4246,6 +4299,9 @@ AP_INIT_TAKE12("RLimitNPROC", no_set_lim OR_ALL, "soft/hard limits for max number of processes per uid"), #endif +AP_INIT_RAW_ARGS("RegexDefaultOptions", set_regex_default_options, NULL, RSRC_CONF, + "default options for regexes (prefixed by '+' to add, '-' to del)"), + /* internal recursion stopper */ AP_INIT_TAKE12("LimitInternalRecursion", set_recursion_limit, NULL, RSRC_CONF, "maximum recursion depth of internal redirects and subrequests"), @@ -4652,6 +4708,8 @@ static int core_pre_config(apr_pool_t *p apr_pool_cleanup_register(pconf, NULL, reset_config_defines, apr_pool_cleanup_null); + ap_regcomp_set_default_cflags(AP_REG_DOLLAR_ENDONLY); + mpm_common_pre_config(pconf); return OK; Index: httpd-2.4.16/server/util_pcre.c =================================================================== --- httpd-2.4.16.orig/server/util_pcre.c 2014-01-05 17:14:26.000000000 +0100 +++ httpd-2.4.16/server/util_pcre.c 2018-03-29 10:01:37.802553727 +0200 @@ -111,6 +111,38 @@ AP_DECLARE(void) ap_regfree(ap_regex_t * * Compile a regular expression * *************************************************/ +static int default_cflags = AP_REG_DOLLAR_ENDONLY; + +AP_DECLARE(int) ap_regcomp_get_default_cflags(void) +{ + return default_cflags; +} + +AP_DECLARE(void) ap_regcomp_set_default_cflags(int cflags) +{ + default_cflags = cflags; +} + +AP_DECLARE(int) ap_regcomp_default_cflag_by_name(const char *name) +{ + int cflag = 0; + + if (strcasecmp(name, "ICASE") == 0) { + cflag = AP_REG_ICASE; + } + else if (strcasecmp(name, "DOTALL") == 0) { + cflag = AP_REG_DOTALL; + } + else if (strcasecmp(name, "DOLLAR_ENDONLY") == 0) { + cflag = AP_REG_DOLLAR_ENDONLY; + } + else if (strcasecmp(name, "EXTENDED") == 0) { + cflag = AP_REG_EXTENDED; + } + + return cflag; +} + /* * Arguments: * preg points to a structure for recording the compiled expression @@ -127,12 +159,15 @@ AP_DECLARE(int) ap_regcomp(ap_regex_t * int errcode = 0; int options = PCRE_DUPNAMES; + cflags |= default_cflags; if ((cflags & AP_REG_ICASE) != 0) options |= PCRE_CASELESS; if ((cflags & AP_REG_NEWLINE) != 0) options |= PCRE_MULTILINE; if ((cflags & AP_REG_DOTALL) != 0) options |= PCRE_DOTALL; + if ((cflags & AP_REG_DOLLAR_ENDONLY) != 0) + options |= PCRE_DOLLAR_ENDONLY; preg->re_pcre = pcre_compile2(pattern, options, &errcode, &errorptr, &erroffset, NULL);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor