Mailing List Archive

svn commit: r1880773 - in /httpd/httpd/branches/2.4.x: ./ CHANGES STATUS modules/proxy/mod_proxy_uwsgi.c
Author: jim
Date: Tue Aug 11 12:09:44 2020
New Revision: 1880773

URL: http://svn.apache.org/viewvc?rev=1880773&view=rev
Log:
Merge r1879878 from trunk:

Avoid NULL pointer dereferences for empty environment variable values
Submitted by: rpluem
Reviewed by: jailletc36, covener, gbechis, jim

Modified:
httpd/httpd/branches/2.4.x/ (props changed)
httpd/httpd/branches/2.4.x/CHANGES
httpd/httpd/branches/2.4.x/STATUS
httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_uwsgi.c

Propchange: httpd/httpd/branches/2.4.x/
------------------------------------------------------------------------------
Merged /httpd/httpd/trunk:r1879878

Modified: httpd/httpd/branches/2.4.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1880773&r1=1880772&r2=1880773&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Tue Aug 11 12:09:44 2020
@@ -1,6 +1,9 @@
-*- coding: utf-8 -*-
Changes with Apache 2.4.47

+ *) mod_proxy_uwsgi: Fix a crash when sending environment variables with no
+ value. PR 64598 [Ruediger Pluem]
+
*) mod_proxy: recognize parameters from ProxyPassMatch workers with dollar
substitution, such that they apply to the backend connection. Note that
connection reuse is disabled by default to avoid compatibility issues.

Modified: httpd/httpd/branches/2.4.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/STATUS?rev=1880773&r1=1880772&r2=1880773&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/STATUS (original)
+++ httpd/httpd/branches/2.4.x/STATUS Tue Aug 11 12:09:44 2020
@@ -138,13 +138,6 @@ RELEASE SHOWSTOPPERS:
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]

- *) mod_proxy_uwsgi: Avoid NULL pointer dereferences for empty environment variable values
- http://svn.apache.org/r1879878
- Backport version for 2.4.x of patch:
- Trunk version of patch works
- svn merge -c 1879878 ^/httpd/httpd/trunk .
- +1: jailletc36, covener, gbechis, jim
-

PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[. New proposals should be added at the end of the list ]

Modified: httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_uwsgi.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_uwsgi.c?rev=1880773&r1=1880772&r2=1880773&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_uwsgi.c (original)
+++ httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_uwsgi.c Tue Aug 11 12:09:44 2020
@@ -175,7 +175,7 @@ static int uwsgi_send_headers(request_re
env = (apr_table_entry_t *) env_table->elts;

for (j = 0; j < env_table->nelts; ++j) {
- headerlen += 2 + strlen(env[j].key) + 2 + strlen(env[j].val);
+ headerlen += 2 + strlen(env[j].key) + 2 + (env[j].val ? strlen(env[j].val) : 0);
}

pktsize = headerlen - 4;
@@ -198,10 +198,12 @@ static int uwsgi_send_headers(request_re
memcpy(ptr, env[j].key, keylen);
ptr += keylen;

- vallen = strlen(env[j].val);
+ vallen = env[j].val ? strlen(env[j].val) : 0;
*ptr++ = (apr_byte_t) (vallen & 0xff);
*ptr++ = (apr_byte_t) ((vallen >> 8) & 0xff);
- memcpy(ptr, env[j].val, vallen);
+ if (env[j].val) {
+ memcpy(ptr, env[j].val, vallen);
+ }
ptr += vallen;
}