Accepting request 821097 from Apache

- fix crash in mod_proxy_uwsgi for empty values of environment variables [bsc#1174052] - added patches fix https://svn.apache.org/viewvc?view=revision + apache2-mod_proxy_uwsgi-fix-crash.patch OBS-URL: https://build.opensuse.org/request/show/821097 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=168
2020-07-17 18:46:39 +00:00 · 2020-07-17 18:46:39 +00:00 · ff2fb11a0d
commit ff2fb11a0d
parent c6b2c22fe1 186692b329
3 changed files with 39 additions and 0 deletions
--- a/apache2-mod_proxy_uwsgi-fix-crash.patch
+++ b/apache2-mod_proxy_uwsgi-fix-crash.patch
@ -0,0 +1,27 @@
+--- a/modules/proxy/mod_proxy_uwsgi.c	2020/07/15 07:48:38	1879877
+++ b/modules/proxy/mod_proxy_uwsgi.c	2020/07/15 08:24:13	1879878
+@@ -175,7 +175,7 @@ static int uwsgi_send_headers(request_re
+     env = (apr_table_entry_t *) env_table->elts;
+ 
+     for (j = 0; j < env_table->nelts; ++j) {
+-        headerlen += 2 + strlen(env[j].key) + 2 + strlen(env[j].val);
+        headerlen += 2 + strlen(env[j].key) + 2 + (env[j].val ? strlen(env[j].val) : 0);
+     }
+ 
+     ptr = buf = apr_palloc(r->pool, headerlen);
+@@ -189,10 +189,12 @@ static int uwsgi_send_headers(request_re
+         memcpy(ptr, env[j].key, keylen);
+         ptr += keylen;
+ 
+-        vallen = strlen(env[j].val);
+        vallen = env[j].val ? strlen(env[j].val) : 0;
+         *ptr++ = (apr_byte_t) (vallen & 0xff);
+         *ptr++ = (apr_byte_t) ((vallen >> 8) & 0xff);
+-        memcpy(ptr, env[j].val, vallen);
+        if (env[j].val) {
+            memcpy(ptr, env[j].val, vallen);
+        }
+         ptr += vallen;
+     }
+ 
+
--- a/apache2.changes
+++ b/apache2.changes
@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Wed Jul 15 09:16:02 UTC 2020 - pgajdos@suse.com
+
+- fix crash in mod_proxy_uwsgi for empty values of environment
+  variables [bsc#1174052]
+- added patches
+  fix https://svn.apache.org/viewvc?view=revision
+  + apache2-mod_proxy_uwsgi-fix-crash.patch
+
 -------------------------------------------------------------------
 Fri Apr  3 12:09:55 UTC 2020 - pgajdos@suse.com

--- a/apache2.spec
+++ b/apache2.spec
@ -144,6 +144,8 @@ Patch111:       httpd-visibility.patch
 # PATCH-FEATURE-UPSTREAM kstreitova@suse.com -- backport of HttpContentLengthHeadZero and HttpExpectStrict
 Patch115:       httpd-2.4.x-fate317766-config-control-two-protocol-options.diff
 Patch116:       deprecated-scripts-arch.patch
+# https://svn.apache.org/viewvc?view=revision
+Patch117:       apache2-mod_proxy_uwsgi-fix-crash.patch
 BuildRequires:  apache-rpm-macros-control
 BuildRequires:  apr-util-devel
 #Since 2.4.7 the event MPM requires apr 1.5.0 or later.
@ -332,6 +334,7 @@ to administrators of web servers in general.
 %if 0%{?suse_version} == 1110
 %patch116 -p1
 %endif
+%patch117 -p1
 cat %{_sourcedir}/SUSE-NOTICE >> NOTICE
 # install READMEs
 a=$(basename %{SOURCE22})