- from RH: clean logged strings of non-printable chars (CAN-2003-0020, BTS#754)

author Jakub Bogusz <qboosh@pld-linux.org>

Mon, 3 Nov 2003 13:56:26 +0000 (13:56 +0000)

committer cvs2git <feedback@pld-linux.org>

Sun, 24 Jun 2012 12:13:13 +0000 (12:13 +0000)
author Jakub Bogusz <qboosh@pld-linux.org>
Mon, 3 Nov 2003 13:56:26 +0000 (13:56 +0000)
committer cvs2git <feedback@pld-linux.org>
Sun, 24 Jun 2012 12:13:13 +0000 (12:13 +0000)
diff --git a/apache-CAN-2003-0020.patch b/apache-CAN-2003-0020.patch

new file mode 100644 (file)

index 0000000..1081f16
--- /dev/null
+++ b/apache-CAN-2003-0020.patch
@@ -0,0 +1,31 @@
+From RedHat's errata for 1.3.27
+--- src/main/http_log.c.escape 2003-02-14 10:57:45.000000000 +0000
++++ src/main/http_log.c        2003-02-14 11:17:30.000000000 +0000
+@@ -251,6 +251,17 @@
+     }
+ }
+ 
++/* Clean 'str' of non-printable characters. */
++static void sanitize(char *str, size_t len)
++{
++    while (len--) {
++        /* iscntrl implies !isprint; redundant but paranoid. */
++        if (!isprint(*str) || iscntrl(*str))
++            *str = '!';
++        str++;
++    }
++}    
++
+ API_EXPORT(void) ap_open_logs(server_rec *s_main, pool *p)
+ {
+     server_rec *virt, *q;
+@@ -459,6 +470,9 @@
+ 
+     len += ap_vsnprintf(errstr + len, sizeof(errstr) - len, fmt, args);
+ 
++    /* clean of non-printable characters. */
++    sanitize(errstr, len);
++
+     /* NULL if we are logging to syslog */
+     if (logf) {
+       fputs(errstr, logf);
author	Jakub Bogusz <qboosh@pld-linux.org>
	Mon, 3 Nov 2003 13:56:26 +0000 (13:56 +0000)
committer	cvs2git <feedback@pld-linux.org>
	Sun, 24 Jun 2012 12:13:13 +0000 (12:13 +0000)