Actions
Bug #520
closedNull string bug in mod_cgi introduced in 1.4.10; patch attached
Status:
Fixed
Priority:
High
Category:
mod_cgi
Target version:
-
ASK QUESTIONS IN Forums:
Description
mod_cgi in 1.4.10 doesn't handle empty QUERY_STRING properly. Whilst 1.4.9 did something like this:
cgi_env_add(&env, CONST_STR_LEN("QUERY_STRING"), con->uri.query->used ? con->uri.query->ptr : "");
cgi_env_add(&env, CONST_STR_LEN("REQUEST_URI"), con->request.orig_uri->used ? con->request.orig_uri->ptr : "");
you changed this to
cgi_env_add(&env, CONST_STR_LEN("QUERY_STRING"), CONST_BUF_LEN(con->uri.query));
cgi_env_add(&env, CONST_STR_LEN("REQUEST_URI"), CONST_BUF_LEN(con->request.orig_uri));
in 1.4.10. These need {{{if (!buffer_is_empty(...)}}} wrappers to avoid passing junk QUERY_STRING through to CGI scripts. (I was getting random characters in my QUERY_STRING, presumably from other lighttpd buffers.)
Here is a patch:
--- src/mod_cgi.c.orig 2006-02-12 11:41:50.352826163 +0000
+++ src/mod_cgi.c 2006-02-12 11:44:25.174070800 +0000
@@ -809,8 +809,12 @@
cgi_env_add(&env, CONST_STR_LEN("PATH_INFO"), CONST_BUF_LEN(con->request.pathinfo));
}
cgi_env_add(&env, CONST_STR_LEN("REDIRECT_STATUS"), CONST_STR_LEN("200"));
- cgi_env_add(&env, CONST_STR_LEN("QUERY_STRING"), CONST_BUF_LEN(con->uri.query));
- cgi_env_add(&env, CONST_STR_LEN("REQUEST_URI"), CONST_BUF_LEN(con->request.orig_uri));
+ if (!buffer_is_empty(con->uri.query)) {
+ cgi_env_add(&env, CONST_STR_LEN("QUERY_STRING"), CONST_BUF_LEN(con->uri.query));
+ }
+ if (!buffer_is_empty(con->request.orig_uri)) {
+ cgi_env_add(&env, CONST_STR_LEN("REQUEST_URI"), CONST_BUF_LEN(con->request.orig_uri));
+ }
#ifdef HAVE_IPV6
Updated by jan about 18 years ago
- Status changed from New to Fixed
- Resolution set to fixed
applied in r1006
Actions
Also available in: Atom