blob: a57747336b5a35b985da658477a9e47852d77ed1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
$NetBSD: patch-bd,v 1.1.2.3 2009/06/12 21:38:06 spz Exp $
Patch for CVE-2009-1195 taken from:
http://svn.apache.org/viewvc?view=rev&revision=773881
http://svn.apache.org/viewvc?view=rev&revision=779472
--- server/core.c.orig 2009-06-11 20:51:15.000000000 +0100
+++ server/core.c 2009-06-11 21:01:04.000000000 +0100
@@ -659,7 +659,11 @@
core_dir_config *conf =
(core_dir_config *)ap_get_module_config(r->per_dir_config, &core_module);
- return conf->opts;
+ /* Per comment in http_core.h - the OPT_INC_WITH_EXEC bit is
+ * inverted, such that the exposed semantics match that of
+ * OPT_INCNOEXEC; i.e., the bit is only enabled if exec= is *not*
+ * permitted. */
+ return conf->opts ^ OPT_INC_WITH_EXEC;
}
AP_DECLARE(int) ap_allow_overrides(request_rec *r)
|