Commit 09a28d18 authored by Stefan Fritsch's avatar Stefan Fritsch
Browse files

Limit ap_pregsub() to 64K, add ap_pregsub_ex() for longer strings and with 

better error reporting. Modify ap_varbuf_regsub() to be similar to
ap_pregsub_ex().


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1188950 13f79535-47bb-0310-9956-ffa450edef68
parent 3c449a6a

CHANGES

+3 −0
Original line number Diff line number Diff line
@@ -12,6 +12,9 @@ Changes with Apache 2.3.15 
     PR 51714. [Stefan Fritsch, Jim Jagielski, Ruediger Pluem, Eric Covener,

     <lowprio20 gmail.com>]



  *) core: Limit ap_pregsub() to 64K, add ap_pregsub_ex() for longer strings.

     [Stefan Fritsch]



  *) mod_session_crypto: Refactor to support the new apr_crypto API.

     [Graham Leggett]

include/ap_mmn.h

+3 −1
Original line number Diff line number Diff line
@@ -360,12 +360,14 @@ 
 *                         add ap_unixd_config.group_name

 * 20111014.0 (2.3.15-dev) Remove cookie_path_str and cookie_domain_str from

 *                         proxy_dir_conf

 * 20111025.0 (2.3.15-dev) Add return value and maxlen to ap_varbuf_regsub(),

 *                         add ap_pregsub_ex()

 */



#define MODULE_MAGIC_COOKIE 0x41503234UL /* "AP24" */



#ifndef MODULE_MAGIC_NUMBER_MAJOR

#define MODULE_MAGIC_NUMBER_MAJOR 20111014

#define MODULE_MAGIC_NUMBER_MAJOR 20111025

#endif

#define MODULE_MAGIC_NUMBER_MINOR 0                   /* 0...n */

include/httpd.h

+21 −1
Original line number Diff line number Diff line
@@ -1775,7 +1775,8 @@ AP_DECLARE(void) ap_pregfree(apr_pool_t *p, ap_regex_t *reg); 
/**

 * After performing a successful regex match, you may use this function to

 * perform a series of string substitutions based on subexpressions that were

 * matched during the call to ap_regexec

 * matched during the call to ap_regexec. This function is limited to

 * result strings of 64K. Consider using ap_pregsub_ex() instead.

 * @param p The pool to allocate from

 * @param input An arbitrary string containing $1 through $9.  These are

 *              replaced with the corresponding matched sub-expressions
@@ -1787,6 +1788,25 @@ AP_DECLARE(void) ap_pregfree(apr_pool_t *p, ap_regex_t *reg); 
AP_DECLARE(char *) ap_pregsub(apr_pool_t *p, const char *input, const char *source,

                              size_t nmatch, ap_regmatch_t pmatch[]);



/**

 * After performing a successful regex match, you may use this function to

 * perform a series of string substitutions based on subexpressions that were

 * matched during the call to ap_regexec

 * @param p The pool to allocate from

 * @param result where to store the result, will be set to NULL on error

 * @param input An arbitrary string containing $1 through $9.  These are

 *              replaced with the corresponding matched sub-expressions

 * @param source The string that was originally matched to the regex

 * @param nmatch the nmatch returned from ap_pregex

 * @param pmatch the pmatch array returned from ap_pregex

 * @param maxlen the maximum string length to return

 * @return The substituted string, or NULL on error

 */

AP_DECLARE(apr_status_t) ap_pregsub_ex(apr_pool_t *p, char **result,

                                       const char *input, const char *source,

                                       size_t nmatch, ap_regmatch_t pmatch[],

                                       apr_size_t maxlen);



/**

 * We want to downcase the type/subtype for comparison purposes

 * but nothing else because ;parameter=foo values are case sensitive.

include/util_varbuf.h

+7 −3
Original line number Diff line number Diff line
@@ -135,13 +135,17 @@ AP_DECLARE(char *) ap_varbuf_pdup(apr_pool_t *p, struct ap_varbuf *vb, 
 * @param source The string that was originally matched to the regex

 * @param nmatch the nmatch returned from ap_pregex

 * @param pmatch the pmatch array returned from ap_pregex

 * @param maxlen the maximum string length to append to vb

 * @return APR_SUCCESS if successful

 * @note Just like ap_pregsub(), this function does not copy the part of

 *       *source before the matching part (i.e. the first pmatch[0].rm_so

 *       characters).

 */

AP_DECLARE(void) ap_varbuf_regsub(struct ap_varbuf *vb, const char *input,

AP_DECLARE(apr_status_t) ap_varbuf_regsub(struct ap_varbuf *vb,

                                          const char *input,

                                          const char *source, size_t nmatch,

                                  ap_regmatch_t pmatch[]);

                                          ap_regmatch_t pmatch[],

                                          apr_size_t maxlen);



/** Read a line from an ap_configfile_t into an ap_varbuf.

 * @param vb pointer to the ap_varbuf struct

modules/filters/mod_substitute.c

+2 −1
Original line number Diff line number Diff line
@@ -196,7 +196,8 @@ static void do_pattmatch(ap_filter_t *f, apr_bucket *inb, 
                                ap_varbuf_strmemcat(&vb, pos, regm[0].rm_so);

                            /* add replacement string */

                            ap_varbuf_regsub(&vb, script->replacement, pos,

                                             AP_MAX_REG_MATCH, regm);

                                             AP_MAX_REG_MATCH, regm,

                                             APR_SIZE_MAX);

                        }

                        else {

                            repl = ap_pregsub(pool, script->replacement, pos,