Index: ports/www/apache2/Makefile =================================================================== RCS file: /home/pcvs/ports/www/apache2/Makefile,v retrieving revision 1.198 diff -u -u -r1.198 Makefile --- ports/www/apache2/Makefile 19 Aug 2004 14:38:36 -0000 1.198 +++ ports/www/apache2/Makefile 15 Sep 2004 14:23:17 -0000 @@ -9,7 +9,7 @@ PORTNAME= apache PORTVERSION= 2.0.50 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= www MASTER_SITES= ${MASTER_SITE_APACHE_HTTPD} \ http://sheepkiller.nerim.net/ports/${PORTNAME}/:powerlogo Index: ports/www/apache2/files/patch-secfix-modules:dav:fs:lock.c =================================================================== RCS file: ports/www/apache2/files/patch-secfix-modules:dav:fs:lock.c diff -N ports/www/apache2/files/patch-secfix-modules:dav:fs:lock.c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ ports/www/apache2/files/patch-secfix-modules:dav:fs:lock.c 15 Sep 2004 14:23:17 -0000 @@ -0,0 +1,46 @@ +=================================================================== +RCS file: /home/cvspublic/httpd-2.0/modules/dav/fs/lock.c,v +retrieving revision 1.25.2.5 +retrieving revision 1.25.2.6 +diff -u -r1.25.2.5 -r1.25.2.6 +--- modules/dav/fs/lock.c 2004/04/26 15:45:52 1.25.2.5 ++++ modules/dav/fs/lock.c 2004/09/15 08:26:48 1.25.2.6 +@@ -66,7 +66,7 @@ + ** INDIRECT LOCK: [char (DAV_LOCK_INDIRECT), + ** apr_uuid_t locktoken, + ** time_t expires, +-** int key_size, ++** apr_size_t key_size, + ** char[] key] + ** The key is to the collection lock that resulted in this indirect lock + */ +@@ -157,7 +157,7 @@ + /* Stored indirect lock info - lock token and apr_datum_t */ + #define dav_size_indirect(a) (1 + sizeof(apr_uuid_t) \ + + sizeof(time_t) \ +- + sizeof(int) + (a)->key.dsize) ++ + sizeof((a)->key.dsize) + (a)->key.dsize) + + /* + ** The lockdb structure. +@@ -1469,13 +1469,13 @@ + } + if (dav_fs_do_refresh(dp_scan, ltl, new_time)) { + /* the lock was refreshed. return the lock. */ +- newlock = dav_fs_alloc_lock(lockdb, ip->key, dp->locktoken); ++ newlock = dav_fs_alloc_lock(lockdb, ip->key, dp_scan->locktoken); + newlock->is_locknull = !resource->exists; +- newlock->scope = dp->f.scope; +- newlock->type = dp->f.type; +- newlock->depth = dp->f.depth; +- newlock->timeout = dp->f.timeout; +- newlock->owner = dp->owner; ++ newlock->scope = dp_scan->f.scope; ++ newlock->type = dp_scan->f.type; ++ newlock->depth = dp_scan->f.depth; ++ newlock->timeout = dp_scan->f.timeout; ++ newlock->owner = dp_scan->owner; + newlock->auth_user = dp_scan->auth_user; + + newlock->next = *locks; + Index: ports/www/apache2/files/patch-secfix-server:utils.c =================================================================== RCS file: ports/www/apache2/files/patch-secfix-server:utils.c diff -N ports/www/apache2/files/patch-secfix-server:utils.c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ ports/www/apache2/files/patch-secfix-server:utils.c 15 Sep 2004 14:23:17 -0000 @@ -0,0 +1,132 @@ +diff -Nur httpd-2.0~/server/util.c httpd-2.0/server/util.c +--- server/util.c ++++ server/util.c +@@ -722,7 +722,7 @@ + + *resp++ = '\0'; + #if RESOLVE_ENV_PER_TOKEN +- return ap_resolve_env(p,result); ++ return (char *)ap_resolve_env(p,result); + #else + return result; + #endif +@@ -782,39 +782,87 @@ + */ + AP_DECLARE(const char *) ap_resolve_env(apr_pool_t *p, const char * word) + { +- char tmp[ MAX_STRING_LEN ]; +- const char *s, *e; +- tmp[0] = '\0'; +- +- if (!(s=ap_strchr_c(word,'$'))) +- return word; +- +- do { +- /* XXX - relies on strncat() to add '\0' +- */ +- strncat(tmp,word,s - word); +- if ((s[1] == '{') && (e=ap_strchr_c(s,'}'))) { +- const char *e2 = e; +- char *var; +- word = e + 1; +- var = apr_pstrndup(p, s+2, e2-(s+2)); +- e = getenv(var); +- if (e) { +- strcat(tmp,e); +- } else { +- strncat(tmp, s, e2-s); +- strcat(tmp,"}"); +- } +- } else { +- /* ignore invalid strings */ +- word = s+1; +- strcat(tmp,"$"); +- }; +- } while ((s=ap_strchr_c(word,'$'))); +- strcat(tmp,word); ++# define SMALL_EXPANSION 5 ++ struct sll { ++ struct sll *next; ++ const char *string; ++ apr_size_t len; ++ } *result, *current, sresult[SMALL_EXPANSION]; ++ char *res_buf, *cp; ++ const char *s, *e, *ep; ++ unsigned spc; ++ apr_size_t outlen; ++ ++ s = ap_strchr_c(word, '$'); ++ if (!s) { ++ return word; ++ } ++ ++ /* well, actually something to do */ ++ ep = word + strlen(word); ++ spc = 0; ++ result = current = &(sresult[spc++]); ++ current->next = NULL; ++ current->string = word; ++ current->len = s - word; ++ outlen = current->len; ++ ++ do { ++ /* prepare next entry */ ++ if (current->len) { ++ current->next = (spc < SMALL_EXPANSION) ++ ? &(sresult[spc++]) ++ : (struct sll *)apr_palloc(p, ++ sizeof(*current->next)); ++ current = current->next; ++ current->next = NULL; ++ current->len = 0; ++ } + +- return apr_pstrdup(p,tmp); ++ if (*s == '$') { ++ if (s[1] == '{' && (e = ap_strchr_c(s, '}'))) { ++ word = getenv(apr_pstrndup(p, s+2, e-s-2)); ++ if (word) { ++ current->string = word; ++ current->len = strlen(word); ++ outlen += current->len; ++ } ++ else { ++ current->string = s; ++ current->len = e - s + 1; ++ outlen += current->len; ++ } ++ s = e + 1; ++ } ++ else { ++ current->string = s++; ++ current->len = 1; ++ ++outlen; ++ } ++ } ++ else { ++ word = s; ++ s = ap_strchr_c(s, '$'); ++ current->string = word; ++ current->len = s ? s - word : ep - word; ++ outlen += current->len; ++ } ++ } while (s && *s); ++ ++ /* assemble result */ ++ res_buf = cp = apr_palloc(p, outlen + 1); ++ do { ++ if (result->len) { ++ memcpy(cp, result->string, result->len); ++ cp += result->len; ++ } ++ result = result->next; ++ } while (result); ++ res_buf[outlen] = '\0'; ++ ++ return res_buf; + } ++ + AP_DECLARE(int) ap_cfg_closefile(ap_configfile_t *cfp) + { + #ifdef DEBUG + Index: ports/www/apache2/files/patch-secfix-srclib:apr-util:test:testuri.c =================================================================== RCS file: ports/www/apache2/files/patch-secfix-srclib:apr-util:test:testuri.c diff -N ports/www/apache2/files/patch-secfix-srclib:apr-util:test:testuri.c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ ports/www/apache2/files/patch-secfix-srclib:apr-util:test:testuri.c 15 Sep 2004 14:23:17 -0000 @@ -0,0 +1,33 @@ +--- srclib/apr-util/test/testuri.c ++++ srclib/apr-util/test/testuri.c +@@ -36,6 +37,10 @@ + + struct aup_test aup_tests[] = + { ++ { "http://[/::1]/index.html", APR_EGENERAL }, ++ { "http://[", APR_EGENERAL }, ++ { "http://[?::1]/index.html", APR_EGENERAL }, ++ + { + "http://127.0.0.1:9999/asdf.html", + 0, "http", "127.0.0.1:9999", NULL, NULL, "127.0.0.1", "9999", "/asdf.html", NULL, NULL, 9999 +--- srclib/apr-util/uri/apr_uri.c ++++ srclib/apr-util/uri/apr_uri.c +@@ -307,11 +307,11 @@ + if (*hostinfo == '[') { + v6_offset1 = 1; + v6_offset2 = 2; +- s = uri; +- do { +- --s; +- } while (s >= hostinfo && *s != ':' && *s != ']'); +- if (s < hostinfo || *s == ']') { ++ s = memchr(hostinfo, ']', uri - hostinfo); ++ if (s == NULL) { ++ return APR_EGENERAL; ++ } ++ if (*++s != ':') { + s = NULL; /* no port */ + } + } +