components/apache2/patches/bug52774.patch
author Petr Sumbera <petr.sumbera@oracle.com>
Mon, 08 Oct 2012 07:58:20 -0700
changeset 1008 85cbcf3980ca
parent 795 6344ba200d21
child 4696 96b9957387bf
permissions -rw-r--r--
7202142 Upgrade Apache Web Server to version 2.2.23 7164140 ErrorDocument can not handle 400 status properly in case of HTTP 1.1 7198847 Problem with utility/apache
https://issues.apache.org/bugzilla/show_bug.cgi?id=52774

--- modules/mappers/mod_rewrite.c	Mon Aug 20 10:22:53 2012
+++ modules/mappers/mod_rewrite.c	Tue Sep 18 04:02:33 2012
@@ -4302,14 +4302,29 @@
     /* Unless the anyuri option is set, ensure that the input to the
      * first rule really is a URL-path, avoiding security issues with
      * poorly configured rules.  See CVE-2011-3368, CVE-2011-4317. */
+    /*
+     * We believe that URI starting with "http://" is valid and thus we fork
+     * here little bit from upstream. I'm intentionally not optimizing
+     * following if statement to keep changes against upstream clear.
+     * See also: https://issues.apache.org/bugzilla/show_bug.cgi?id=52774
+     */
     if ((dconf->options & OPTION_ANYURI) == 0
         && ((r->unparsed_uri[0] == '*' && r->unparsed_uri[1] == '\0')
-            || !r->uri || r->uri[0] != '/')) {
+            || !r->uri)) {
         rewritelog((r, 8, NULL, "Declining, request-URI '%s' is not a URL-path. "
                     "Consult the manual entry for the RewriteOptions directive "
                     "for options and caveats about matching other strings.",
                     r->uri));
         return DECLINED;
+    } else if ((dconf->options & OPTION_ANYURI) == 0 && r->uri[0] != '/') {
+        if (strncmp(r->uri, "http://" , 7) != 0 && 
+            strncmp(r->uri, "https://", 8 )!= 0) {
+              rewritelog((r, 8, NULL, "Declining, request-URI '%s' is not a URL-path. "
+                          "Consult the manual entry for the RewriteOptions directive "
+                          "for options and caveats about matching other strings.",
+                          r->uri));
+             return DECLINED;
+        }
     }
 
     /*