openSUSE:Evergreen:11.1:Test
apache2
httpd-2.2.3-CVE-2009-1195.patch
File httpd-2.2.3-CVE-2009-1195.patch of Package apache2
Index: include/http_core.h
===================================================================
--- include/http_core.h.orig 2006-07-12 05:38:44.000000000 +0200
+++ include/http_core.h 2009-07-20 04:56:09.000000000 +0200
@@ -73,14 +73,14 @@ extern "C" {
 #define OPT_EXECCGI 8
 /** directive unset */
 #define OPT_UNSET 16
-/** IncludesNOEXEC directive */
-#define OPT_INCNOEXEC 32
+/** SSI exec= permission is permitted, iff OPT_INCLUDES is also set */
+#define OPT_INC_WITH_EXEC 32
 /** SymLinksIfOwnerMatch directive */
 #define OPT_SYM_OWNER 64
 /** MultiViews directive */
 #define OPT_MULTI 128
 /** All directives */
-#define OPT_ALL (OPT_INDEXES|OPT_INCLUDES|OPT_SYM_LINKS|OPT_EXECCGI)
+#define OPT_ALL (OPT_INDEXES|OPT_INCLUDES|OPT_INC_WITH_EXEC|OPT_SYM_LINKS|OPT_EXECCGI)
 /** @} */
 /**
Index: modules/filters/mod_include.c
===================================================================
--- modules/filters/mod_include.c.orig 2006-07-12 05:38:44.000000000 +0200
+++ modules/filters/mod_include.c 2009-07-20 04:57:28.000000000 +0200
@@ -3524,7 +3524,7 @@ static apr_status_t includes_filter(ap_f
 intern->seen_eos = 0;
 intern->state = PARSE_PRE_HEAD;
 ctx->flags = (SSI_FLAG_PRINTING | SSI_FLAG_COND_TRUE);
- if (ap_allow_options(r) & OPT_INCNOEXEC) {
+ if ((ap_allow_options(r) & OPT_INC_WITH_EXEC) == 0) {
 ctx->flags |= SSI_FLAG_NO_EXEC;
 }
Index: server/core.c
===================================================================
--- server/core.c.orig 2006-07-24 15:34:19.000000000 +0200
+++ server/core.c 2009-07-20 05:09:04.000000000 +0200
@@ -108,8 +108,7 @@ static void *create_core_dir_config(apr_
 conf->opts = dir ? OPT_UNSET : OPT_UNSET|OPT_ALL;
 conf->opts_add = conf->opts_remove = OPT_NONE;
 conf->override = dir ? OR_UNSET : OR_UNSET|OR_ALL;
- conf->override_opts = OPT_UNSET | OPT_ALL | OPT_INCNOEXEC | OPT_SYM_OWNER
- | OPT_MULTI;
+ conf->override_opts = OPT_UNSET | OPT_ALL | OPT_SYM_OWNER | OPT_MULTI;
 conf->content_md5 = 2;
 conf->accept_path_info = 3;
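Review bot: The new doc comment on `OPT_INC_WITH_EXEC` in include/http_core.h describes only the stored bit, while the `ap_allow_options()` hunk in server/core.c returns that bit inverted and refers readers to a "comment in http_core.h" that this hunk does not add. Someone who reads only this header and tests `ap_allow_options(r) & OPT_INC_WITH_EXEC` would draw the opposite conclusion about whether SSI `exec=` may run. I would extend the comment, for example `/** SSI exec= is permitted, iff OPT_INCLUDES is also set; ap_allow_options() returns this bit inverted (set = exec not permitted) */`. Removing `OPT_INCNOEXEC` without an alias also means any code outside this patch that still names it stops compiling, which deserves a line in the patch description.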
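Review bot: The rewritten test in includes_filter, `(ap_allow_options(r) & OPT_INC_WITH_EXEC) == 0`, treats a set bit as "exec permitted", but the `ap_allow_options()` hunk in server/core.c of this same patch returns `conf->opts ^ OPT_INC_WITH_EXEC`, where a set bit means exec= is not permitted. As far as these two hunks show, the inversions combine the wrong way: `SSI_FLAG_NO_EXEC` is set under `Options Includes` and left clear under `Options IncludesNOEXEC`, which drops the restriction the patch is meant to enforce. Only one side should invert; with the accessor as patched, this line should read `if (ap_allow_options(r) & OPT_INC_WITH_EXEC) {`, or else the XOR in `ap_allow_options()` should be removed. A regression test that checks the flag under each of the two Options values would pin this down. includes_filter starts and ends outside the hunk.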
@@ -243,8 +242,15 @@ static void *merge_core_dir_configs(apr_
 conf->opts_remove = (conf->opts_remove & ~new->opts_add)
 | new->opts_remove;
 conf->opts = (conf->opts & ~conf->opts_remove) | conf->opts_add;
- if ((base->opts & OPT_INCNOEXEC) && (new->opts & OPT_INCLUDES)) {
- conf->opts = (conf->opts & ~OPT_INCNOEXEC) | OPT_INCLUDES;
+
+ /* If Includes was enabled with exec in the base config, but
+ * was enabled without exec in the new config, then disable
+ * exec in the merged set. */
+ if (((base->opts & (OPT_INCLUDES|OPT_INC_WITH_EXEC))
+ == (OPT_INCLUDES|OPT_INC_WITH_EXEC))
+ && ((new->opts & (OPT_INCLUDES|OPT_INC_WITH_EXEC))
+ == OPT_INCLUDES)) {
+ conf->opts &= ~OPT_INC_WITH_EXEC;
 }
 }
 else {
@@ -658,7 +664,12 @@ AP_DECLARE(int) ap_allow_options(request
 core_dir_config *conf = (core_dir_config *)ap_get_module_config(r->per_dir_config, &core_module);
- return conf->opts;
+ /* Per comment in http_core.h - the OPT_INC_WITH_EXEC bit is
+ * inverted, such that the exposed semantics match that of
+ * OPT_INCNOEXEC; i.e., the bit is only enabled if exec= is *not*
+ * permitted. */
+ return conf->opts ^ OPT_INC_WITH_EXEC;
+
 }
 AP_DECLARE(int) ap_allow_overrides(request_rec *r)
@@ -1304,10 +1315,13 @@ static const char *set_allow_opts(cmd_pa
 opt = OPT_INDEXES;
 }
 else if (!strcasecmp(w, "Includes")) {
- opt = OPT_INCLUDES;
+ /* If Includes is permitted, both Includes and
+ * IncludesNOEXEC may be changed. */
+ opt = (OPT_INCLUDES | OPT_INC_WITH_EXEC);
+
 }
 else if (!strcasecmp(w, "IncludesNOEXEC")) {
- opt = (OPT_INCLUDES | OPT_INCNOEXEC);
+ opt = OPT_INCLUDES;
 }
 else if (!strcasecmp(w, "FollowSymLinks")) {
 opt = OPT_SYM_LINKS;
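Review bot: The new guard in merge_core_dir_configs clears `OPT_INC_WITH_EXEC` only when the base has both `OPT_INCLUDES` and `OPT_INC_WITH_EXEC` set, so a base that carries the exec bit without `OPT_INCLUDES` falls through, and a child that adds Includes without exec merges to both bits. Whether a base can reach that state depends on how a `-IncludesNOEXEC` entry is applied in set_options, which is outside this hunk, so this needs confirming against the full file. Keying the test on the new side alone, `if ((new->opts & (OPT_INCLUDES|OPT_INC_WITH_EXEC)) == OPT_INCLUDES) {`, gives the same result in the case the comment describes and fails closed in the other. The function begins and ends outside the hunk.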
@@ -1428,10 +1442,10 @@ static const char *set_options(cmd_parms
 opt = OPT_INDEXES;
 }
 else if (!strcasecmp(w, "Includes")) {
- opt = OPT_INCLUDES;
+ opt = (OPT_INCLUDES | OPT_INC_WITH_EXEC);
 }
 else if (!strcasecmp(w, "IncludesNOEXEC")) {
- opt = (OPT_INCLUDES | OPT_INCNOEXEC);
+ opt = OPT_INCLUDES;
 }
 else if (!strcasecmp(w, "FollowSymLinks")) {
 opt = OPT_SYM_LINKS;
Index: server/config.c
===================================================================
--- server/config.c.orig 2006-07-24 15:34:19.000000000 +0200
+++ server/config.c 2009-07-20 05:02:28.000000000 +0200
@@ -1492,7 +1492,7 @@ static const char *process_command_confi
 parms.temp_pool = ptemp;
 parms.server = s;
 parms.override = (RSRC_CONF | OR_ALL) & ~(OR_AUTHCFG | OR_LIMIT);
- parms.override_opts = OPT_ALL | OPT_INCNOEXEC | OPT_SYM_OWNER | OPT_MULTI;
+ parms.override_opts = OPT_ALL | OPT_SYM_OWNER | OPT_MULTI;
 parms.config_file = ap_pcfg_open_custom(p, "-c/-C directives", &arr_parms, NULL,
@@ -1599,7 +1599,7 @@ static const char *process_resource_conf
 parms.temp_pool = ptemp;
 parms.server = s;
 parms.override = (RSRC_CONF | OR_ALL) & ~(OR_AUTHCFG | OR_LIMIT);
- parms.override_opts = OPT_ALL | OPT_INCNOEXEC | OPT_SYM_OWNER | OPT_MULTI;
+ parms.override_opts = OPT_ALL | OPT_SYM_OWNER | OPT_MULTI;
 rv = ap_pcfg_openfile(&cfp, p, fname);
 if (rv != APR_SUCCESS) {
@@ -1737,7 +1737,7 @@ AP_DECLARE(int) ap_process_config_tree(s
 parms.temp_pool = ptemp;
 parms.server = s;
 parms.override = (RSRC_CONF | OR_ALL) & ~(OR_AUTHCFG | OR_LIMIT);
- parms.override_opts = OPT_ALL | OPT_INCNOEXEC | OPT_SYM_OWNER | OPT_MULTI;
+ parms.override_opts = OPT_ALL | OPT_SYM_OWNER | OPT_MULTI;
 parms.limited = -1;
 errmsg = ap_walk_config(conftree, &parms, s->lookup_defaults);
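Review bot: Mapping `Includes` to `OPT_INCLUDES | OPT_INC_WITH_EXEC` in set_options restricts overrides only if the permission check after this if/else chain requires every bit of `opt` to be present in the `override_opts` mask; that check is outside the hunk and the patch does not touch it. If it is an any-bit test, `Options Includes` would still be accepted where only `IncludesNOEXEC` is allowed, because the shared `OPT_INCLUDES` bit matches. Please confirm it compares the full mask, e.g. `(cmd->override_opts & opt) != opt` (taking `cmd` as the cmd_parms argument), and add a comment at that check naming the Includes/IncludesNOEXEC case. set_options starts and ends outside the hunk.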