Patch to limit expansion by looping mod_rewrite rules

mod_rewrite_size_limit.txt (text/plain), 1.06 KB, created by Jeff W on 2016-12-14 16:13:18 UTC

(hide)

Description: Patch to limit expansion by looping mod_rewrite rules

Filename:

MIME Type:

Creator: Jeff W

Created: 2016-12-14 16:13:18 UTC

Size: 1.06 KB

patch

obsolete

>diff --git a/modules/mappers/mod_rewrite.c b/modules/mappers/mod_rewrite.c >index 56957c90..9221d752 100644 >--- a/modules/mappers/mod_rewrite.c >+++ b/modules/mappers/mod_rewrite.c >@@ -4295,6 +4295,17 @@ static int apply_rewrite_list(request_rec *r, apr_array_header_t *rewriterules, > rc = apply_rewrite_rule(p, ctx); > > if (rc) { >+ >+ /* Catch looping rules with pathinfo growing unbounded */ >+ if ( strlen( r->filename ) > r->server->limit_req_line ) { >+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, >+ "RewriteRule '%s' and URI '%s' " >+ "exceeded maximum length (%d)", >+ p->pattern, r->uri, r->server->limit_req_line ); >+ r->status = HTTP_INTERNAL_SERVER_ERROR; >+ return ACTION_STATUS; >+ } >+ > /* Regardless of what we do next, we've found a match. Check to see > * if any of the request header fields were involved, and add them > * to the Vary field of the response. View Attachment As Raw

This is ASF Bugzilla: the Apache Software Foundation bug system. In case of problems with the functioning of ASF Bugzilla, please contact bugzilla-admin@apache.org. Please Note: this e-mail address is only for reporting problems with ASF Bugzilla. Mail about any other subject will be silently ignored.

• • Home
  • | New
  • | Browse
  • | Search
  • |
    [?]
  • | Reports
  • | Help
  • | New Account
  • | Log In
    Remember [x]
  • | Forgot Password
    Login: [x]