mod_xml2enc: fix media type handling
Resolves: RHEL-17686
This commit is contained in:
Joe Orton
parent
df3e6a5147
commit
926baa67c3
|
|
@ -0,0 +1,39 @@
|
|||
# ./pullrev.sh 1884505 1915625
|
||||
http://svn.apache.org/viewvc?view=revision&revision=1884505
|
||||
http://svn.apache.org/viewvc?view=revision&revision=1915625
|
||||
|
||||
--- httpd-2.4.57/modules/filters/mod_xml2enc.c
|
||||
+++ httpd-2.4.57/modules/filters/mod_xml2enc.c
|
||||
@@ -329,7 +329,7 @@
|
||||
apr_bucket* bstart;
|
||||
apr_size_t insz = 0;
|
||||
int pending_meta = 0;
|
||||
- char *ctype;
|
||||
+ char *mtype;
|
||||
char *p;
|
||||
|
||||
if (!ctx || !f->r->content_type) {
|
||||
@@ -338,13 +338,17 @@
|
||||
return ap_pass_brigade(f->next, bb) ;
|
||||
}
|
||||
|
||||
- ctype = apr_pstrdup(f->r->pool, f->r->content_type);
|
||||
- for (p = ctype; *p; ++p)
|
||||
- if (isupper(*p))
|
||||
- *p = tolower(*p);
|
||||
+ /* Extract the media type, ignoring parameters in content-type. */
|
||||
+ mtype = apr_pstrdup(f->r->pool, f->r->content_type);
|
||||
+ if ((p = ap_strchr(mtype, ';')) != NULL) *p = '\0';
|
||||
+ ap_str_tolower(mtype);
|
||||
|
||||
- /* only act if starts-with "text/" or contains "xml" */
|
||||
- if (strncmp(ctype, "text/", 5) && !strstr(ctype, "xml")) {
|
||||
+ /* Accept text/ types, plus any XML media type per RFC 7303. */
|
||||
+ if (!(strncmp(mtype, "text/", 5) == 0
|
||||
+ || strcmp(mtype, "application/xml") == 0
|
||||
+ || (strlen(mtype) > 7 /* minimum 'a/b+xml' length */
|
||||
+ && (p = strstr(mtype, "+xml")) != NULL
|
||||
+ && strlen(p) == 4 /* ensures +xml is a suffix */))) {
|
||||
ap_remove_output_filter(f);
|
||||
return ap_pass_brigade(f->next, bb) ;
|
||||
}
|
||||
10
httpd.spec
10
httpd.spec
|
|
@ -13,7 +13,7 @@
|
|||
Summary: Apache HTTP Server
|
||||
Name: httpd
|
||||
Version: 2.4.57
|
||||
Release: 7%{?dist}
|
||||
Release: 8%{?dist}
|
||||
URL: https://httpd.apache.org/
|
||||
Source0: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
|
||||
Source1: https://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2.asc
|
||||
|
|
@ -118,7 +118,8 @@ Patch69: httpd-2.4.57-covscan.patch
|
|||
Patch70: httpd-2.4.57-mod_status-duplicate-key.patch
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2217726
|
||||
Patch71: httpd-2.4.57-davenoent.patch
|
||||
|
||||
# https://issues.redhat.com/browse/RHEL-17686
|
||||
Patch72: httpd-2.4.57-r1884505+.patch
|
||||
|
||||
# Security fixes
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=...
|
||||
|
|
@ -295,6 +296,7 @@ written in the Lua programming language.
|
|||
%patch69 -p1 -b .covstan
|
||||
%patch70 -p1 -b .duplicate-key
|
||||
%patch71 -p1 -b .davenoent
|
||||
%patch72 -p1 -b .r1884505+
|
||||
|
||||
%patch200 -p1 -b .CVE-2023-31122
|
||||
|
||||
|
|
@ -857,6 +859,10 @@ exit $rv
|
|||
%{_rpmconfigdir}/macros.d/macros.httpd
|
||||
|
||||
%changelog
|
||||
* Wed Feb 7 2024 Joe Orton <jorton@redhat.com> - 2.4.57-8
|
||||
- mod_xml2enc: fix media type handling
|
||||
Resolves: RHEL-17686
|
||||
|
||||
* Mon Feb 05 2024 Luboš Uhliarik <luhliari@redhat.com> - 2.4.57-7
|
||||
- Resolves: RHEL-14447 - httpd: mod_macro: out-of-bounds read
|
||||
vulnerability (CVE-2023-31122)
|
||||
|
|
|
|||
Loading…
Reference in New Issue