Date: 31 Dec 1997 11:45:26 +0100 From: Wolfram Schneider <wosch@cs.tu-berlin.de> To: www@FreeBSD.ORG Subject: [Marc Slemko <marcs@znep.com>] Re: Apache DoS attack? Message-ID: <p1i4t3psse1.fsf@panke.panke.de>
next in thread | raw e-mail | index | archive | help
------- Start of forwarded message -------
Message-ID: <Pine.BSF.3.95.971230132752.2417U-100000@alive.znep.com>
Date: Tue, 30 Dec 1997 13:30:56 -0700
Reply-To: Marc Slemko <marcs@znep.com>
From: Marc Slemko <marcs@znep.com>
Subject: Re: Apache DoS attack?
To: BUGTRAQ@NETSPACE.ORG
On Tue, 30 Dec 1997, Marc Slemko wrote:
[...]
> Please see the patch Dean Gaudet has posted to bugtraq for the solution.
Since people are telling me that Dean's post has not made it yet and
asking for the patch, and I don't see it here yet, I am reposting his
patch for 1.2. A similar thing applies to 1.3.
This patch has been applied to the Apache CVS tree and will be available
in a new release at some point in the reasonably near future.
Index: src/util.c
===================================================================
RCS file: /export/home/cvs/apache/src/util.c,v
retrieving revision 1.52.2.2
diff -u -r1.52.2.2 util.c
--- util.c 1997/06/27 01:47:47 1.52.2.2
+++ util.c 1997/12/30 18:09:15
@@ -328,14 +328,22 @@
}
}
-void no2slash(char *name) {
- register int x,y;
+void no2slash(char *name)
+{
+ char *d, *s;
- for(x=0; name[x];)
- if(x && (name[x-1] == '/') && (name[x] == '/'))
- for(y=x+1;name[y-1];y++)
- name[y-1] = name[y];
- else x++;
+ s = d = name;
+ while (*s) {
+ if ((*d++ = *s) == '/') {
+ do {
+ ++s;
+ } while (*s == '/');
+ }
+ else {
+ ++s;
+ }
+ }
+ *d = '\0';
}
char *make_dirstr(pool *p, const char *s, int n) {
------- End of forwarded message -------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?p1i4t3psse1.fsf>