File apache2-CVE-2024-39884.patch of Package apache2.35277

Overview Repositories Revisions Requests Users Attributes Meta

File apache2-CVE-2024-39884.patch of Package apache2.35277

Index: httpd-2.4.51/modules/cluster/mod_heartmonitor.c
===================================================================
--- httpd-2.4.51.orig/modules/cluster/mod_heartmonitor.c
+++ httpd-2.4.51/modules/cluster/mod_heartmonitor.c
@@ -781,7 +781,7 @@ static int hm_handler(request_rec *r)
     hmserver.seen = apr_time_now();
     hm_update_stat(ctx, &hmserver, r->pool);
 
-    ap_set_content_type(r, "text/plain");
+    ap_set_content_type_ex(r, "text/plain", 1);
     ap_set_content_length(r, 2);
     ap_rputs("OK", r);
     ap_rflush(r);
Index: httpd-2.4.51/modules/dav/main/mod_dav.c
===================================================================
--- httpd-2.4.51.orig/modules/dav/main/mod_dav.c
+++ httpd-2.4.51/modules/dav/main/mod_dav.c
@@ -323,7 +323,7 @@ static int dav_error_response(request_re
     r->status = status;
     r->status_line = ap_get_status_line(status);
 
-    ap_set_content_type(r, "text/html; charset=ISO-8859-1");
+    ap_set_content_type_ex(r, "text/html; charset=ISO-8859-1", 1);
 
     /* begin the response now... */
     ap_rvputs(r,
@@ -354,7 +354,7 @@ static int dav_error_response_tag(reques
 {
     r->status = err->status;
 
-    ap_set_content_type(r, DAV_XML_CONTENT_TYPE);
+    ap_set_content_type_ex(r, DAV_XML_CONTENT_TYPE, 1);
 
     ap_rputs(DAV_XML_HEADER DEBUG_CR
              "<D:error xmlns:D=\"DAV:\"", r);
@@ -512,7 +512,7 @@ DAV_DECLARE(void) dav_begin_multistatus(
 {
     /* Set the correct status and Content-Type */
     r->status = status;
-    ap_set_content_type(r, DAV_XML_CONTENT_TYPE);
+    ap_set_content_type_ex(r, DAV_XML_CONTENT_TYPE, 1);
 
     /* Send the headers and actual multistatus response now... */
     ap_fputs(r->output_filters, bb, DAV_XML_HEADER DEBUG_CR
@@ -1964,7 +1964,7 @@ static int dav_method_options(request_re
 
     /* send the options response */
     r->status = HTTP_OK;
-    ap_set_content_type(r, DAV_XML_CONTENT_TYPE);
+    ap_set_content_type_ex(r, DAV_XML_CONTENT_TYPE, 1);
 
     /* send the headers and response body */
     ap_rputs(DAV_XML_HEADER DEBUG_CR
@@ -3270,7 +3270,7 @@ static int dav_method_lock(request_rec *
     (*locks_hooks->close_lockdb)(lockdb);
 
     r->status = HTTP_OK;
-    ap_set_content_type(r, DAV_XML_CONTENT_TYPE);
+    ap_set_content_type_ex(r, DAV_XML_CONTENT_TYPE, 1);
 
     ap_rputs(DAV_XML_HEADER DEBUG_CR "<D:prop xmlns:D=\"DAV:\">" DEBUG_CR, r);
     if (lock == NULL)
Index: httpd-2.4.51/modules/examples/mod_example_hooks.c
===================================================================
--- httpd-2.4.51.orig/modules/examples/mod_example_hooks.c
+++ httpd-2.4.51/modules/examples/mod_example_hooks.c
@@ -993,7 +993,7 @@ static int x_handler(request_rec *r)
      * Set the Content-type header. Note that we do not actually have to send
      * the headers: this is done by the http core.
      */
-    ap_set_content_type(r, "text/html");
+    ap_set_content_type_ex(r, "text/html", 1);
     /*
      * If we're only supposed to send header information (HEAD request), we're
      * already there.
Index: httpd-2.4.51/modules/filters/mod_data.c
===================================================================
--- httpd-2.4.51.orig/modules/filters/mod_data.c
+++ httpd-2.4.51/modules/filters/mod_data.c
@@ -117,7 +117,7 @@ static apr_status_t data_out_filter(ap_f
             }
         }
 
-        ap_set_content_type(r, "text/plain");
+        ap_set_content_type_ex(r, "text/plain", 1);
 
     }
 
Index: httpd-2.4.51/modules/filters/mod_include.c
===================================================================
--- httpd-2.4.51.orig/modules/filters/mod_include.c
+++ httpd-2.4.51/modules/filters/mod_include.c
@@ -3972,7 +3972,7 @@ static int include_fixup(request_rec *r)
     if (r->handler && (strcmp(r->handler, "server-parsed") == 0))
     {
         if (!r->content_type || !*r->content_type) {
-            ap_set_content_type(r, "text/html");
+            ap_set_content_type_ex(r, "text/html", 1);
         }
         r->handler = "default-handler";
     }
Index: httpd-2.4.51/modules/filters/mod_proxy_html.c
===================================================================
--- httpd-2.4.51.orig/modules/filters/mod_proxy_html.c
+++ httpd-2.4.51/modules/filters/mod_proxy_html.c
@@ -952,7 +952,7 @@ static apr_status_t proxy_html_filter(ap
                         ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, f->r, APLOGNO(01422)
                                       "No i18n support found.  Install mod_xml2enc if required");
                     enc = XML_CHAR_ENCODING_NONE;
-                    ap_set_content_type(f->r, "text/html;charset=utf-8");
+                    ap_set_content_type_ex(f->r, "text/html;charset=utf-8", 1);
                 }
                 else {
                     /* if we wanted a non-default charset_out, insert the
@@ -968,7 +968,7 @@ static apr_status_t proxy_html_filter(ap
                                                         cenc, NULL));
                     }
                     else /* Normal case, everything worked, utf-8 output */
-                        ap_set_content_type(f->r, "text/html;charset=utf-8");
+                        ap_set_content_type_ex(f->r, "text/html;charset=utf-8", 1);
                 }
 
                 ap_fputs(f->next, ctxt->bb, ctxt->cfg->doctype);
Index: httpd-2.4.51/modules/generators/mod_cgi.c
===================================================================
--- httpd-2.4.51.orig/modules/generators/mod_cgi.c
+++ httpd-2.4.51/modules/generators/mod_cgi.c
@@ -1085,7 +1085,7 @@ static apr_status_t include_cgi(include_
     /* Force sub_req to be treated as a CGI request, even if ordinary
      * typing rules would have called it something else.
      */
-    ap_set_content_type(rr, CGI_MAGIC_TYPE);
+    ap_set_content_type_ex(rr, CGI_MAGIC_TYPE, 1);
 
     /* Run it. */
     rr_status = ap_run_sub_req(rr);
Index: httpd-2.4.51/modules/generators/mod_cgid.c
===================================================================
--- httpd-2.4.51.orig/modules/generators/mod_cgid.c
+++ httpd-2.4.51/modules/generators/mod_cgid.c
@@ -1765,7 +1765,7 @@ static apr_status_t include_cgi(include_
     /* Force sub_req to be treated as a CGI request, even if ordinary
      * typing rules would have called it something else.
      */
-    ap_set_content_type(rr, CGI_MAGIC_TYPE);
+    ap_set_content_type_ex(rr, CGI_MAGIC_TYPE, 1);
 
     /* Run it. */
     rr_status = ap_run_sub_req(rr);
Index: httpd-2.4.51/modules/generators/mod_info.c
===================================================================
--- httpd-2.4.51.orig/modules/generators/mod_info.c
+++ httpd-2.4.51/modules/generators/mod_info.c
@@ -778,7 +778,7 @@ static int display_info(request_rec * r)
         return DECLINED;
     }
 
-    ap_set_content_type(r, "text/html; charset=ISO-8859-1");
+    ap_set_content_type_ex(r, "text/html; charset=ISO-8859-1", 1);
 
     ap_rputs(DOCTYPE_XHTML_1_0T
              "<html xmlns=\"http://www.w3.org/1999/xhtml\">\n"
Index: httpd-2.4.51/modules/generators/mod_status.c
===================================================================
--- httpd-2.4.51.orig/modules/generators/mod_status.c
+++ httpd-2.4.51/modules/generators/mod_status.c
@@ -269,7 +269,7 @@ static int status_handler(request_rec *r
     if (r->method_number != M_GET)
         return DECLINED;
 
-    ap_set_content_type(r, "text/html; charset=ISO-8859-1");
+    ap_set_content_type_ex(r, "text/html; charset=ISO-8859-1", 1);
 
     /*
      * Simple table-driven form data set parser that lets you alter the header
@@ -297,7 +297,7 @@ static int status_handler(request_rec *r
                     no_table_report = 1;
                     break;
                 case STAT_OPT_AUTO:
-                    ap_set_content_type(r, "text/plain; charset=ISO-8859-1");
+                    ap_set_content_type_ex(r, "text/plain; charset=ISO-8859-1", 1);
                     short_report = 1;
                     break;
                 }
Index: httpd-2.4.51/modules/http/http_filters.c
===================================================================
--- httpd-2.4.51.orig/modules/http/http_filters.c
+++ httpd-2.4.51/modules/http/http_filters.c
@@ -1258,7 +1258,7 @@ AP_DECLARE_NONSTD(int) ap_send_http_trac
         }
     }
 
-    ap_set_content_type(r, "message/http");
+    ap_set_content_type_ex(r, "message/http", 1);
 
     /* Now we recreate the request, and echo it back */
 
Index: httpd-2.4.51/modules/http/http_protocol.c
===================================================================
--- httpd-2.4.51.orig/modules/http/http_protocol.c
+++ httpd-2.4.51/modules/http/http_protocol.c
@@ -1443,10 +1443,10 @@ AP_DECLARE(void) ap_send_error_response(
             request_conf->suppress_charset = 1; /* avoid adding default
                                                  * charset later
                                                  */
-            ap_set_content_type(r, "text/html");
+            ap_set_content_type_ex(r, "text/html", 1);
         }
         else {
-            ap_set_content_type(r, "text/html; charset=iso-8859-1");
+            ap_set_content_type_ex(r, "text/html; charset=iso-8859-1", 1);
         }
 
         if ((status == HTTP_METHOD_NOT_ALLOWED)
Index: httpd-2.4.51/modules/ldap/util_ldap.c
===================================================================
--- httpd-2.4.51.orig/modules/ldap/util_ldap.c
+++ httpd-2.4.51/modules/ldap/util_ldap.c
@@ -139,7 +139,7 @@ static int util_ldap_handler(request_rec
     st = (util_ldap_state_t *) ap_get_module_config(r->server->module_config,
             &ldap_module);
 
-    ap_set_content_type(r, "text/html; charset=ISO-8859-1");
+    ap_set_content_type_ex(r, "text/html; charset=ISO-8859-1", 1);
 
     if (r->header_only)
         return OK;
Index: httpd-2.4.51/modules/mappers/mod_imagemap.c
===================================================================
--- httpd-2.4.51.orig/modules/mappers/mod_imagemap.c
+++ httpd-2.4.51/modules/mappers/mod_imagemap.c
@@ -475,7 +475,7 @@ static int imap_reply(request_rec *r, co
 
 static void menu_header(request_rec *r, char *menu)
 {
-    ap_set_content_type(r, "text/html; charset=ISO-8859-1");
+    ap_set_content_type_ex(r, "text/html; charset=ISO-8859-1", 1);
 
     ap_rvputs(r, DOCTYPE_HTML_3_2, "<html><head>\n<title>Menu for ",
               ap_escape_html(r->pool, r->uri),
Index: httpd-2.4.51/modules/http/http_request.c
===================================================================
--- httpd-2.4.51.orig/modules/http/http_request.c
+++ httpd-2.4.51/modules/http/http_request.c
@@ -708,7 +708,7 @@ AP_DECLARE(void) ap_internal_fast_redire
     r->args = rr->args;
     r->finfo = rr->finfo;
     r->handler = rr->handler;
-    ap_set_content_type(r, rr->content_type);
+    ap_set_content_type_ex(r, rr->content_type, AP_REQUEST_IS_TRUSTED_CT(r));
     r->content_encoding = rr->content_encoding;
     r->content_languages = rr->content_languages;
     r->per_dir_config = rr->per_dir_config;
Index: httpd-2.4.51/modules/proxy/mod_proxy_balancer.c
===================================================================
--- httpd-2.4.51.orig/modules/proxy/mod_proxy_balancer.c
+++ httpd-2.4.51/modules/proxy/mod_proxy_balancer.c
@@ -1456,7 +1456,7 @@ static void balancer_display_page(reques
 
     if (usexml) {
         char date[APR_RFC822_DATE_LEN];
-        ap_set_content_type(r, "text/xml");
+        ap_set_content_type_ex(r, "text/xml", 1);
         ap_rputs("<?xml version='1.0' encoding='UTF-8' ?>\n", r);
         ap_rputs("<httpd:manager xmlns:httpd='http://httpd.apache.org'>\n", r);
         ap_rputs("  <httpd:balancers>\n", r);

Places

File apache2-CVE-2024-39884.patch of Package apache2.35277

Places