34 lines
1.3 KiB
Diff
34 lines
1.3 KiB
Diff
From d80685a9e0241d99e94aa2fc0aa491d90c4ae9e8 Mon Sep 17 00:00:00 2001
|
|
From: Eric Covener <covener@apache.org>
|
|
Date: Sun, 26 Apr 2026 16:29:24 +0000
|
|
Subject: [PATCH] Merge r1933357 from trunk:
|
|
|
|
mod_authn_socache: validate URL earlier
|
|
|
|
|
|
|
|
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1933358 13f79535-47bb-0310-9956-ffa450edef68
|
|
---
|
|
modules/aaa/mod_authn_socache.c | 5 ++---
|
|
1 file changed, 2 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/modules/aaa/mod_authn_socache.c b/modules/aaa/mod_authn_socache.c
|
|
index 0e4454a4b12..0834ab43d32 100644
|
|
--- a/modules/aaa/mod_authn_socache.c
|
|
+++ b/modules/aaa/mod_authn_socache.c
|
|
@@ -266,11 +266,10 @@ static const command_rec authn_cache_cmds[] =
|
|
static const char *construct_key(request_rec *r, const char *context,
|
|
const char *user, const char *realm)
|
|
{
|
|
+ const char *slash = ap_strrchr_c(r->uri, '/');
|
|
/* handle "special" context values */
|
|
- if (!strcmp(context, directory)) {
|
|
- /* FIXME: are we at risk of this blowing up? */
|
|
+ if (!strcmp(context, directory) && slash) {
|
|
char *new_context;
|
|
- char *slash = strrchr(r->uri, '/');
|
|
new_context = apr_palloc(r->pool, slash - r->uri +
|
|
strlen(r->server->server_hostname) + 1);
|
|
strcpy(new_context, r->server->server_hostname);
|
|
|