NetBSD Problem Report #47971
From martin@duskware.de Thu Jun 27 13:48:09 2013
Return-Path: <martin@duskware.de>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "Postmaster NetBSD.org" (verified OK))
by mollari.NetBSD.org (Postfix) with ESMTPS id AE9A1716C6
for <gnats-bugs@gnats.NetBSD.org>; Thu, 27 Jun 2013 13:48:09 +0000 (UTC)
From: martin@NetBSD.org
Reply-To: martin@NetBSD.org
To: gnats-bugs@gnats.NetBSD.org
Subject: httpd bogusly %-encodes redirects
X-Send-Pr-Version: 3.95
>Number: 47971
>Category: bin
>Synopsis: httpd bogusly %-encodes redirects
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: shm
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Thu Jun 27 13:50:00 +0000 2013
>Closed-Date: Thu Mar 24 15:29:25 +0000 2016
>Last-Modified: Thu Mar 24 15:29:25 +0000 2016
>Originator: Martin Husemann
>Release: NetBSD 6.1_STABLE
>Organization:
The NetBSD Foundation, Inc.
>Environment:
System: NetBSD night-porter.duskware.de 6.1_STABLE NetBSD 6.1_STABLE (PORTER) #6: Wed May 29 21:38:20 CEST 2013 martin@night-porter.duskware.de:/usr/src-6/sys/arch/i386/compile/PORTER i386
Architecture: i386
Machine: i386
>Description:
When redirecting a request because of the existence of a .bzredirect or
.bzabsredirect file, httpd encodes the target url, including all / in it,
which usually breaks it.
I don't see why this behaviour ever would be useful, but I might be missing
something.
Note that the only other use of the escape_rfc3986() is for filenames in
generated directory indices, and there it is absolutely ok.
>How-To-Repeat:
Try a .bzredirect to, say, ../test
>Fix:
Index: bozohttpd.c
===================================================================
RCS file: /cvsroot/src/libexec/httpd/bozohttpd.c,v
retrieving revision 1.39
diff -c -u -r1.39 bozohttpd.c
--- bozohttpd.c 27 Jun 2013 13:11:11 -0000 1.39
+++ bozohttpd.c 27 Jun 2013 13:43:01 -0000
@@ -965,7 +965,6 @@
url = urlbuf;
} else
urlbuf = NULL;
- url = escape_rfc3986(request->hr_httpd, url);
if (request->hr_query && strlen(request->hr_query))
query = 1;
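Review bot: Removing the escape_rfc3986() call in the @@ -965,7 hunk leaves url with no encoding at all on this path, so characters that do need escaping in a redirect target (spaces, control characters, non-ASCII bytes) would now pass through as-is. Since the reported breakage is specifically the encoding of "/", consider replacing the call with an encoding step that leaves "/" untouched rather than deleting it, and keep escape_rfc3986() unchanged for the directory-index file names the report mentions.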
>Release-Note:
>Audit-Trail:
From: Mateusz Kocielski <shm@digitalsun.pl>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: bin/47971
Date: Mon, 2 Nov 2015 09:01:48 +0000
Hi there,
may I ask you to test it with current version of httpd from CVS? It should
be fixed by that change:
http://mail-index.netbsd.org/source-changes/2015/10/28/msg069711.html
Best Regards,
Mateusz Kocielski
From: Mateusz Kocielski <shm@digitalsun.pl>
To: gnats-bugs@NetBSD.org
Cc: martin@NetBSD.org
Subject: Re: misc/47971
Date: Mon, 2 Nov 2015 08:57:31 +0000
Hi there,
may I ask you to test it with current version of httpd from CVS? It should
be fixed by that change:
http://mail-index.netbsd.org/source-changes/2015/10/28/msg069711.html
Best Regards,
Mateusz Kocielski
Responsible-Changed-From-To: bin-bug-people->shm
Responsible-Changed-By: shm@NetBSD.org
Responsible-Changed-When: Thu, 24 Mar 2016 15:29:25 +0000
Responsible-Changed-Why:
Changed to author of fixes
State-Changed-From-To: open->closed
State-Changed-By: shm@NetBSD.org
State-Changed-When: Thu, 24 Mar 2016 15:29:25 +0000
State-Changed-Why:
http://mail-index.netbsd.org/source-changes/2015/10/28/msg069711.html
>Unformatted:
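The encoding problem described in this report, as an added example that is not part of the PR or of bozohttpd's source: it contrasts escaping every reserved byte (the behaviour the report describes for redirect targets) with escaping that leaves "/" as the path separator. The function name `pct_encode`, its `keep_slash` parameter and the sample targets are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* RFC 3986 "unreserved" characters never need percent-encoding. */
static int is_unreserved(unsigned char c)
{
	return isalnum(c) || c == '-' || c == '.' || c == '_' || c == '~';
}

/*
 * Percent-encode src into a malloc'd string (hypothetical helper).
 * keep_slash == 0: every byte outside the unreserved set is escaped,
 *                  which suits a single file name in a directory index.
 * keep_slash != 0: '/' stays a path separator, which a relative
 *                  redirect target such as "../test" needs.
 */
char *pct_encode(const char *src, int keep_slash)
{
	static const char hex[] = "0123456789ABCDEF";
	char *out = malloc(strlen(src) * 3 + 1);	/* worst case: all escaped */
	char *d = out;

	if (out == NULL)
		return NULL;
	for (; *src != '\0'; src++) {
		unsigned char c = (unsigned char)*src;

		if (is_unreserved(c) || (keep_slash && c == '/')) {
			*d++ = (char)c;
		} else {
			*d++ = '%';
			*d++ = hex[c >> 4];
			*d++ = hex[c & 0x0f];
		}
	}
	*d = '\0';
	return out;
}

int main(void)
{
	/* Constructed sample targets, not taken from the reporter's server. */
	const char *targets[] = { "../test", "../my docs/a\r\nb" };

	for (size_t i = 0; i < sizeof(targets) / sizeof(targets[0]); i++)
		printf("all: %s\npath: %s\n", pct_encode(targets[i], 0),
		    pct_encode(targets[i], 1));	/* leaks are fine in a demo */
	return 0;
}
```

With `keep_slash` set, the target from How-To-Repeat survives intact, while spaces and control characters in the second sample are still escaped.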