Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP4
apache2
apache2-CVE-2024-39573.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File apache2-CVE-2024-39573.patch of Package apache2
Index: httpd-2.4.51/modules/mappers/mod_rewrite.c =================================================================== --- httpd-2.4.51.orig/modules/mappers/mod_rewrite.c +++ httpd-2.4.51/modules/mappers/mod_rewrite.c @@ -4212,6 +4212,32 @@ static int apply_rewrite_rule(rewriterul return 2; } + /* Add the previously stripped per-directory location prefix, unless + * (1) it's an absolute URL path and + * (2) it's a full qualified URL + */ + if (!is_proxyreq && *newuri != '/' && !is_absolute_uri(newuri, NULL)) { + if (ctx->perdir) { + rewritelog((r, 3, ctx->perdir, "add per-dir prefix: %s -> %s%s", + newuri, ctx->perdir, newuri)); + + newuri = apr_pstrcat(r->pool, ctx->perdir, newuri, NULL); + } + else if (!(p->flags & (RULEFLAG_PROXY | RULEFLAG_FORCEREDIRECT))) { + /* Not an absolute URI-path and the scheme (if any) is unknown, + * and it won't be passed to fully_qualify_uri() below either, + * so add an implicit '/' prefix. This avoids potentially a common + * rule like "RewriteRule ^/some/path(.*) $1" that is given a path + * like "/some/pathscheme:..." to produce the fully qualified URL + * "scheme:..." which could be misinterpreted later. + */ + rewritelog((r, 3, ctx->perdir, "add root prefix: %s -> /%s", + newuri, newuri)); + + newuri = apr_pstrcat(r->pool, "/", newuri, NULL); + } + } + /* Now adjust API's knowledge about r->filename and r->args */ r->filename = newuri; @@ -4223,18 +4249,6 @@ static int apply_rewrite_rule(rewriterul p->flags & RULEFLAG_QSDISCARD, p->flags & RULEFLAG_QSLAST); - /* Add the previously stripped per-directory location prefix, unless - * (1) it's an absolute URL path and - * (2) it's a full qualified URL - */ - if ( ctx->perdir && !is_proxyreq && *r->filename != '/' - && !is_absolute_uri(r->filename, NULL)) { - rewritelog((r, 3, ctx->perdir, "add per-dir prefix: %s -> %s%s", - r->filename, ctx->perdir, r->filename)); - - r->filename = apr_pstrcat(r->pool, ctx->perdir, r->filename, NULL); - } - /* If this rule is forced for proxy throughput * (`RewriteRule ... ... [P]') then emulate mod_proxy's * URL-to-filename handler to be sure mod_proxy is triggered
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor