File apache2-CVE-2024-38473-4.patch of Package apache2.35281

From 4326d6b9041a3bcb9b529f9163d0761c2d760700 Mon Sep 17 00:00:00 2001
From: Yann Ylavic <ylavic@apache.org>
Date: Wed, 26 Jun 2024 14:56:47 +0000
Subject: [PATCH] factor out IS_SLASH, perdir fix

in per-dir, the filename will be internally redirected, so / is OK too.


don't add / to / in the non-perdir


match AP_IS_SLASH macro

followup to 1918651


Merges r1918651, r1918652, r1918663 from trunk
Reviewed by: covener, ylavic, rpluem
GH: close #458


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1918668 13f79535-47bb-0310-9956-ffa450edef68
---
 include/ap_mmn.h              |  3 ++-
 include/httpd.h               | 11 +++++++++++
 modules/mappers/mod_rewrite.c | 11 ++++-------
 server/util.c                 | 31 ++++++++++---------------------
 4 files changed, 27 insertions(+), 29 deletions(-)

Index: httpd-2.4.23/include/httpd.h
===================================================================
--- httpd-2.4.23.orig/include/httpd.h
+++ httpd-2.4.23/include/httpd.h
@@ -2453,6 +2453,17 @@ AP_DECLARE(int) ap_cstr_casecmp(const ch
  */
 AP_DECLARE(int) ap_cstr_casecmpn(const char *s1, const char *s2, apr_size_t n);
 
+/* Win32/NetWare/OS2 need to check for both forward and back slashes
+ * in ap_normalize_path() and ap_escape_url().
+ */
+#ifdef CASE_BLIND_FILESYSTEM
+#define AP_IS_SLASH(s) ((s == '/') || (s == '\\'))
+#define AP_SLASHES "/\\"
+#else
+#define AP_IS_SLASH(s) (s == '/')
+#define AP_SLASHES "/"
+#endif
+
 #ifdef __cplusplus
 }
 #endif
Index: httpd-2.4.23/modules/mappers/mod_rewrite.c
===================================================================
--- httpd-2.4.23.orig/modules/mappers/mod_rewrite.c
+++ httpd-2.4.23/modules/mappers/mod_rewrite.c
@@ -635,14 +635,11 @@ static unsigned is_absolute_uri(char *ur
 
 static int is_absolute_path(const char *path)
 {
-#ifndef WIN32
+#ifndef CASE_BLIND_FILESYSTEM
     return (path[0] == '/');
 #else
-#define IS_SLASH(c) ((c) == '/' || (c) == '\\')
-    /* "//", "\\", "x:/" and "x:\" are absolute paths on Windows */
-    return ((IS_SLASH(path[0]) && path[1] == path[0])
-            || (apr_isalpha(path[0]) && path[1] == ':' && IS_SLASH(path[2])));
-#undef IS_SLASH
+    return ((AP_IS_SLASH(path[0]) && path[1] == path[0])
+            || (apr_isalpha(path[0]) && path[1] == ':' && AP_IS_SLASH(path[2])));
 #endif
 }
 
@@ -4237,11 +4234,11 @@ static rule_return_type apply_rewrite_ru
      */
     if (!is_proxyreq
         && !is_absolute_path(newuri)
+        && !AP_IS_SLASH(*newuri)
         && !is_absolute_uri(newuri, NULL)) {
         if (ctx->perdir) {
             rewritelog((r, 3, ctx->perdir, "add per-dir prefix: %s -> %s%s",
                        newuri, ctx->perdir, newuri));
-
             newuri = apr_pstrcat(r->pool, ctx->perdir, newuri, NULL);
         }
         else if (!(p->flags & (RULEFLAG_PROXY | RULEFLAG_FORCEREDIRECT))) {