File apache2-CVE-2020-1927.patch of Package apache2.18661
Index: httpd-2.4.33/include/ap_regex.h
===================================================================
--- httpd-2.4.33.orig/include/ap_regex.h 2018-02-21 15:56:38.000000000 +0100
+++ httpd-2.4.33/include/ap_regex.h 2020-04-06 13:30:58.042429573 +0200
@@ -84,7 +84,11 @@ extern "C" {
#define AP_REG_DOLLAR_ENDONLY 0x200 /* '$' matches at end of subject string only */
-#define AP_REG_MATCH "MATCH_" /** suggested prefix for ap_regname */
+#define AP_REG_NO_DEFAULT 0x400 /**< Don't implicitely add AP_REG_DEFAULT options */
+
+#define AP_REG_MATCH "MATCH_" /**< suggested prefix for ap_regname */
+
+#define AP_REG_DEFAULT (AP_REG_DOTALL|AP_REG_DOLLAR_ENDONLY)
/* Error values: */
enum {
Index: httpd-2.4.33/modules/filters/mod_substitute.c
===================================================================
--- httpd-2.4.33.orig/modules/filters/mod_substitute.c 2017-05-11 19:09:35.000000000 +0200
+++ httpd-2.4.33/modules/filters/mod_substitute.c 2020-04-06 13:28:38.393732798 +0200
@@ -635,8 +635,10 @@ static const char *set_pattern(cmd_parms
/* first see if we can compile the regex */
if (!is_pattern) {
- r = ap_pregcomp(cmd->pool, from, AP_REG_EXTENDED |
- (ignore_case ? AP_REG_ICASE : 0));
+ int flags = AP_REG_NO_DEFAULT
+ | (ap_regcomp_get_default_cflags() & AP_REG_DOLLAR_ENDONLY)
+ | (ignore_case ? AP_REG_ICASE : 0);
+ r = ap_pregcomp(cmd->pool, from, flags);
if (!r)
return "Substitute could not compile regex";
}
Index: httpd-2.4.33/server/util_pcre.c
===================================================================
--- httpd-2.4.33.orig/server/util_pcre.c 2020-04-06 13:28:38.337732519 +0200
+++ httpd-2.4.33/server/util_pcre.c 2020-04-06 13:30:58.046429593 +0200
@@ -120,8 +120,7 @@ AP_DECLARE(void) ap_regfree(ap_regex_t *
* Compile a regular expression *
*************************************************/
-static int default_cflags = AP_REG_DOTALL |
- AP_REG_DOLLAR_ENDONLY;
+static int default_cflags = AP_REG_DEFAULT;
AP_DECLARE(int) ap_regcomp_get_default_cflags(void)
{
@@ -169,7 +168,9 @@ AP_DECLARE(int) ap_regcomp(ap_regex_t *
int errcode = 0;
int options = PCRE_DUPNAMES;
- cflags |= default_cflags;
+ if ((cflags & AP_REG_NO_DEFAULT) == 0)
+ cflags |= default_cflags;
+
if ((cflags & AP_REG_ICASE) != 0)
options |= PCRE_CASELESS;
if ((cflags & AP_REG_NEWLINE) != 0)
Index: httpd-2.4.33/server/util_regex.c
===================================================================
--- httpd-2.4.33.orig/server/util_regex.c 2016-01-19 13:56:11.000000000 +0100
+++ httpd-2.4.33/server/util_regex.c 2020-04-06 13:28:38.393732798 +0200
@@ -94,6 +94,7 @@ AP_DECLARE(ap_rxplus_t*) ap_rxplus_compi
}
/* anything after the current delimiter is flags */
+ ret->flags = ap_regcomp_get_default_cflags() & AP_REG_DOLLAR_ENDONLY;
while (*++endp) {
switch (*endp) {
case 'i': ret->flags |= AP_REG_ICASE; break;
@@ -106,7 +107,7 @@ AP_DECLARE(ap_rxplus_t*) ap_rxplus_compi
default: break; /* we should probably be stricter here */
}
}
- if (ap_regcomp(&ret->rx, rxstr, ret->flags) == 0) {
+ if (ap_regcomp(&ret->rx, rxstr, AP_REG_NO_DEFAULT | ret->flags) == 0) {
apr_pool_cleanup_register(pool, &ret->rx, rxplus_cleanup,
apr_pool_cleanup_null);
}