From f2471bd6c0f4dad090a9e70a6296d6f145c85514 Mon Sep 17 00:00:00 2001
From: Packit
Date: Oct 26 2020 15:22:32 +0000
Subject: Apply patch httpd-2.4.37-CVE-2019-10092.patch
patch_name: httpd-2.4.37-CVE-2019-10092.patch
present_in_specfile: true
---
diff --git a/modules/http/http_protocol.c b/modules/http/http_protocol.c
index e419eb6..dcafa9c 100644
--- a/modules/http/http_protocol.c
+++ b/modules/http/http_protocol.c
@@ -1132,13 +1132,10 @@ static const char *get_canned_error_string(int status,
 "\">here.

\n", NULL)); case HTTP_USE_PROXY: - return(apr_pstrcat(p, - "

This resource is only accessible " - "through the proxy\n", - ap_escape_html(r->pool, location), - "
\nYou will need to configure " - "your client to use that proxy.

\n", - NULL)); + return("

This resource is only accessible " + "through the proxy\n" + "
\nYou will need to configure " + "your client to use that proxy.

\n"); case HTTP_PROXY_AUTHENTICATION_REQUIRED: case HTTP_UNAUTHORIZED: return("

This server could not verify that you\n" @@ -1154,34 +1151,20 @@ static const char *get_canned_error_string(int status, "error-notes", "

\n")); case HTTP_FORBIDDEN: - s1 = apr_pstrcat(p, - "

You don't have permission to access ", - ap_escape_html(r->pool, r->uri), - "\non this server.
\n", - NULL); - return(add_optional_notes(r, s1, "error-notes", "

\n")); + return(add_optional_notes(r, "

You don't have permission to access this resource.", "error-notes", "

\n")); case HTTP_NOT_FOUND: - return(apr_pstrcat(p, - "

The requested URL ", - ap_escape_html(r->pool, r->uri), - " was not found on this server.

\n", - NULL)); + return("

The requested URL was not found on this server.

\n"); case HTTP_METHOD_NOT_ALLOWED: return(apr_pstrcat(p, "

The requested method ", ap_escape_html(r->pool, r->method), - " is not allowed for the URL ", - ap_escape_html(r->pool, r->uri), - ".

\n", + " is not allowed for this URL.

\n", NULL)); case HTTP_NOT_ACCEPTABLE: - s1 = apr_pstrcat(p, - "

An appropriate representation of the " - "requested resource ", - ap_escape_html(r->pool, r->uri), - " could not be found on this server.

\n", - NULL); - return(add_optional_notes(r, s1, "variant-list", "")); + return(add_optional_notes(r, + "

An appropriate representation of the requested resource " + "could not be found on this server.

\n", + "variant-list", "")); case HTTP_MULTIPLE_CHOICES: return(add_optional_notes(r, "", "variant-list", "")); case HTTP_LENGTH_REQUIRED: @@ -1192,18 +1175,13 @@ static const char *get_canned_error_string(int status, NULL); return(add_optional_notes(r, s1, "error-notes", "
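Review bot: Nothing in the new code records why these bodies no longer mention the URL, so a later edit could put `r->uri` back into the HTTP_FORBIDDEN, HTTP_NOT_FOUND, HTTP_METHOD_NOT_ALLOWED or HTTP_NOT_ACCEPTABLE text. A short comment above the switch would guard against that, for example `/* Canned bodies must not echo r->uri; see CVE-2019-10092. */`. The same applies to the cases changed in the other hunks of this file. The switch statement and the start of get_canned_error_string are outside the hunk.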

\n")); case HTTP_PRECONDITION_FAILED: - return(apr_pstrcat(p, - "

The precondition on the request " - "for the URL ", - ap_escape_html(r->pool, r->uri), - " evaluated to false.

\n", - NULL)); + return("

The precondition on the request " + "for this URL evaluated to false.

\n"); case HTTP_NOT_IMPLEMENTED: s1 = apr_pstrcat(p, "

", - ap_escape_html(r->pool, r->method), " to ", - ap_escape_html(r->pool, r->uri), - " not supported.
\n", + ap_escape_html(r->pool, r->method), " ", + " not supported for current URL.
\n", NULL); return(add_optional_notes(r, s1, "error-notes", "

\n")); case HTTP_BAD_GATEWAY: @@ -1211,29 +1189,19 @@ static const char *get_canned_error_string(int status, "response from an upstream server.
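Review bot: In HTTP_NOT_IMPLEMENTED the argument list now passes a standalone `" "` and then a literal that itself begins with a space, so the body gets two separators after the escaped method. Dropping the `" "` argument, so that `ap_escape_html(r->pool, r->method),` is followed directly by the `" not supported for current URL.` literal, gives the same message without the leftover from the removed `" to "`. This is a wording point only; the method is still escaped before it is written.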
" CRLF; return(add_optional_notes(r, s1, "error-notes", "

\n")); case HTTP_VARIANT_ALSO_VARIES: - return(apr_pstrcat(p, - "

A variant for the requested " - "resource\n

\n",
-                           ap_escape_html(r->pool, r->uri),
-                           "\n
\nis itself a negotiable resource. " - "This indicates a configuration error.

\n", - NULL)); + return("

A variant for the requested " + "resource\n

\n"
+               "\n
\nis itself a negotiable resource. " + "This indicates a configuration error.

\n"); case HTTP_REQUEST_TIME_OUT: return("

Server timeout waiting for the HTTP request from the client.

\n"); case HTTP_GONE: - return(apr_pstrcat(p, - "

The requested resource
", - ap_escape_html(r->pool, r->uri), - "
\nis no longer available on this server " - "and there is no forwarding address.\n" - "Please remove all references to this " - "resource.

\n", - NULL)); + return("

The requested resource is no longer available on this server" + " and there is no forwarding address.\n" + "Please remove all references to this resource.

\n"); case HTTP_REQUEST_ENTITY_TOO_LARGE: return(apr_pstrcat(p, - "The requested resource
", - ap_escape_html(r->pool, r->uri), "
\n", - "does not allow request data with ", + "The requested resource does not allow request data with ", ap_escape_html(r->pool, r->method), " requests, or the amount of data provided in\n" "the request exceeds the capacity limit.\n", @@ -1317,11 +1285,9 @@ static const char *get_canned_error_string(int status, "the Server Name Indication (SNI) in use for this\n" "connection.
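Review bot: In HTTP_VARIANT_ALSO_VARIES the two literals that used to sit on either side of the escaped URI are both kept, so the body appears to retain the wrapper that held the URI with nothing inside it; the markup is not visible on this page, so this is inferred from the surviving `"resource\n` and `\nis itself a negotiable resource. "` pieces. HTTP_GONE in the same hunk was folded into a single sentence, and doing the same here would avoid an empty block in the response. The HTTP_REQUEST_ENTITY_TOO_LARGE case continues past the end of the hunk.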

\n"); case HTTP_UNAVAILABLE_FOR_LEGAL_REASONS: - s1 = apr_pstrcat(p, - "

Access to ", ap_escape_html(r->pool, r->uri), - "\nhas been denied for legal reasons.
\n", - NULL); - return(add_optional_notes(r, s1, "error-notes", "

\n")); + return(add_optional_notes(r, + "

Access to this URL has been denied for legal reasons.
\n", + "error-notes", "

\n"));
 default: /* HTTP_INTERNAL_SERVER_ERROR */
 /*
 * This comparison to expose error-notes could be modified to
diff --git a/modules/proxy/mod_proxy.c b/modules/proxy/mod_proxy.c
index ffeb7a6..d13c249 100644
--- a/modules/proxy/mod_proxy.c
+++ b/modules/proxy/mod_proxy.c
@@ -1055,9 +1055,10 @@ static int proxy_handler(request_rec *r)
 char *end;
 maxfwd = apr_strtoi64(str, &end, 10);
 if (maxfwd < 0 || maxfwd == APR_INT64_MAX || *end) {
- return ap_proxyerror(r, HTTP_BAD_REQUEST,
- apr_psprintf(r->pool,
- "Max-Forwards value '%s' could not be parsed", str));
+ ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO()
+ "Max-Forwards value '%s' could not be parsed", str);
+ return ap_proxyerror(r, HTTP_BAD_REQUEST,
+ "Max-Forwards request header could not be parsed");
 }
 else if (maxfwd == 0) {
 switch (r->method_number) {
diff --git a/modules/proxy/mod_proxy_ftp.c b/modules/proxy/mod_proxy_ftp.c
index a29e085..8d66b4a 100644
--- a/modules/proxy/mod_proxy_ftp.c
+++ b/modules/proxy/mod_proxy_ftp.c
@@ -1024,8 +1024,9 @@ static int proxy_ftp_handler(request_rec *r, proxy_worker *worker,
 /* We break the URL into host, port, path-search */
 if (r->parsed_uri.hostname == NULL) {
 if (APR_SUCCESS != apr_uri_parse(p, url, &uri)) {
- return ap_proxyerror(r, HTTP_BAD_REQUEST,
- apr_psprintf(p, "URI cannot be parsed: %s", url));
+ ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO()
+ "URI cannot be parsed: %s", url);
+ return ap_proxyerror(r, HTTP_BAD_REQUEST, "URI cannot be parsed");
 }
 connectname = uri.hostname;
 connectport = uri.port;
diff --git a/modules/proxy/proxy_util.c b/modules/proxy/proxy_util.c
index a80f933..0759dac 100644
--- a/modules/proxy/proxy_util.c
+++ b/modules/proxy/proxy_util.c
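Review bot: The new `ap_log_rerror` call uses `APLOGNO()` with no number, so the warning is logged without a unique message id; the same empty `APLOGNO()` appears in the mod_proxy_ftp.c hunk. If the project's log-number convention applies to this backport, both calls should carry allocated values, written as `APLOGNO(NNNNN)` where NNNNN is a placeholder for the assigned number. Because `str` is a client-supplied header value, it is also worth confirming that the error-log path escapes control characters before the line is written. proxy_handler continues outside the hunk.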
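Review bot: The added warning writes the whole unparsed `url` to the error log, and an FTP proxy URL can carry a `user:password@` part, so credentials may end up in the log; whether they can still be present at this point depends on code outside the hunk. Consider logging a version of the URL with any userinfo removed, or at least adding a comment such as `/* url may contain userinfo; error log access must be restricted */` above the call. proxy_ftp_handler starts and ends outside the hunk.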
@@ -368,12 +368,9 @@ PROXY_DECLARE(char *) PROXY_DECLARE(int) ap_proxyerror(request_rec *r, int statuscode, const char *message) { - const char *uri = ap_escape_html(r->pool, r->uri); apr_table_setn(r->notes, "error-notes", apr_pstrcat(r->pool, - "The proxy server could not handle the request ", ap_escape_html(r->pool, r->method), " ", uri, - ".

\n" + "The proxy server could not handle the request

" "Reason: ", ap_escape_html(r->pool, message), "

", NULL));
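Review bot: ap_proxyerror still places `message` (HTML-escaped) into the `error-notes` value, which presumably is rendered into the error page, but nothing at the function tells callers that. A comment above the function would make the contract explicit, for example `/* message is shown to the client: pass fixed text and log request-derived detail instead. */`, which is the pattern the mod_proxy.c and mod_proxy_ftp.c hunks of this patch follow. Callers elsewhere that still build `message` from request data are not visible here and would need a separate audit.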