File fix-CVE-2022-23527-1.patch of Package apache2-mod_auth_openidc.28532

From f38af0e2cb7a7e0e70544f032aaeb5db17352da5 Mon Sep 17 00:00:00 2001
From: Hans Zandbelt <hans.zandbelt@zmartzone.eu>
Date: Thu, 6 Jan 2022 16:43:16 +0100
Subject: [PATCH] test: allow /. in redirect URLs

Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>
---
 src/mod_auth_openidc.c              | 15 ++++++++-------
 test/open-redirect-payload-list.txt |  3 ---
 2 files changed, 8 insertions(+), 10 deletions(-)

diff --git a/src/mod_auth_openidc.c b/src/mod_auth_openidc.c
index a6d4fd0a..c10fe526 100644
--- a/src/mod_auth_openidc.c
+++ b/src/mod_auth_openidc.c
@@ -2516,18 +2516,19 @@ apr_byte_t oidc_validate_redirect_url(request_rec *r, oidc_cfg *c,
 	}
 
 	if ((strstr(url, "/%09") != NULL) || (strstr(url, "/%2f") != NULL)
-			|| (strstr(url, "/%68") != NULL) || (strstr(url, "/.") != NULL)
-			|| (strstr(url, "/http:") != NULL) || (strstr(url, "/https:") != NULL)
-			|| (strstr(url, "/javascript:") != NULL) || (strstr(url, "/〱") != NULL)
-			|| (strstr(url, "/〵") != NULL) || (strstr(url, "/ゝ") != NULL)
-			|| (strstr(url, "/ー") != NULL) || (strstr(url, "/〱") != NULL)
-			|| (strstr(url, "/ー") != NULL) || (strstr(url, "/<") != NULL)
-			|| (strstr(url, "%01javascript:") != NULL) || (strstr(url, "/%5c") != NULL)) {
+			|| (strstr(url, "/%68") != NULL) || (strstr(url, "/http:") != NULL)
+			|| (strstr(url, "/https:") != NULL) || (strstr(url, "/javascript:") != NULL)
+			|| (strstr(url, "/〱") != NULL) || (strstr(url, "/〵") != NULL)
+			|| (strstr(url, "/ゝ") != NULL) || (strstr(url, "/ー") != NULL)
+			|| (strstr(url, "/〱") != NULL) || (strstr(url, "/ー") != NULL)
+			|| (strstr(url, "/<") != NULL) || (strstr(url, "%01javascript:") != NULL)
+			|| (strstr(url, "/%5c") != NULL)) {
 		*err_str = apr_pstrdup(r->pool, "Invalid URL");
 		*err_desc = apr_psprintf(r->pool, "URL value \"%s\" contains illegal character(s)", url);
 		oidc_error(r, "%s: %s", *err_str, *err_desc);
 		return FALSE;
 	}
+
 	return TRUE;
 }
 
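Review bot: The remaining blocklist at the new lines 29–35 is matched case-sensitively, so `/%2F`, `/HTTP:` or `/JavaScript:` are not caught unless `url` was lowercased earlier in oidc_validate_redirect_url, whose start lies outside the hunk; if it is not, `ap_strcasestr(url, "/%2f")` and likewise for the other patterns would close that gap. Two patterns are carried over twice (`"/〱"` appears on lines 31 and 33, `"/ー"` on lines 32 and 33), which is either redundant or two look-alike code points; a comment naming the code point next to each, e.g. `/* U+3031 */`, would make the intent survive the next edit. Dropping `"/."` also stops rejecting `/..` segments; if the goal is only to admit dotfile paths such as `/.well-known/`, a narrower `|| (strstr(url, "/..") != NULL)` keeps that guard while still fitting the removed test payloads.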
diff --git a/test/open-redirect-payload-list.txt b/test/open-redirect-payload-list.txt
index f77887f8..84ab4200 100644
--- a/test/open-redirect-payload-list.txt
+++ b/test/open-redirect-payload-list.txt
@@ -4,7 +4,6 @@
 /%2f%5c%2f%67%6f%6f%67%6c%65%2e%63%6f%6d/
 /%5cexample.com
 /%68%74%74%70%3a%2f%2f%67%6f%6f%67%6c%65%2e%63%6f%6d
-/.example.com
 //%09/example.com
 //%5cexample.com
 ///%09/example.com
@@ -554,7 +553,6 @@ javascripT://anything%0D%0A%0D%0Awindow.alert(document.cookie)
 /%2f%2flocaldomain.pw
 /localdomain.pw/%2f%2e%2e
 /http:/localdomain.pw
-/.localdomain.pw
 http://.localdomain.pw
 .localdomain.pw
 ///\;@localdomain.pw
@@ -831,7 +829,6 @@ javascripT://anything%0D%0A%0D%0Awindow.alert(document.cookie)
 /%2f%2fgoogle.com
 /google.com/%2f%2e%2e
 /http:/google.com
-/.google.com
 ///\;@google.com
 ///google.com
 /////google.com/
\ No newline at end of file