#
# COPYRIGHT:
#
-# This software is Copyright (c) 1996-2011 Best Practical Solutions, LLC
+# This software is Copyright (c) 1996-2013 Best Practical Solutions, LLC
# <sales@bestpractical.com>
#
# (Except where explicitly superseded by other copyright notices)
our ($Nobody, $SystemUser, $Handler, $r);
-my $protect_fd;
+my $protect_fds;
sub handler {
($r) = @_;
- if ( !$protect_fd && $ENV{'MOD_PERL'} && exists $ENV{'MOD_PERL_API_VERSION'}
- && $ENV{'MOD_PERL_API_VERSION'} >= 2 && fileno(STDOUT) != 1
+ if ( !$protect_fds && $ENV{'MOD_PERL'} && exists $ENV{'MOD_PERL_API_VERSION'}
+ && $ENV{'MOD_PERL_API_VERSION'} >= 2
) {
- # under mod_perl2, STDOUT gets closed and re-opened, however new STDOUT
- # is not on FD #1. In this case next IO operation will occupy this FD
- # and make all system() and open "|-" dangerouse, for example DBI
- # can get this FD for DB connection and system() call will close
- # by putting grabage into the socket
- open $protect_fd, '>/dev/null' or die "Couldn't open /dev/null: $!";
- unless ( fileno($protect_fd) == 1 ) {
- warn "We opened /dev/null to protect FD #1, but descriptor #1 is already occupied";
- }
+ # under mod_perl2, STDIN and STDOUT get closed and re-opened,
+ # however they are not on FD 0 and 1. In this case, the next
+ # socket that gets opened will occupy one of these FDs, and make
+ # all system() and open "|-" calls dangerous; for example, the
+ # DBI handle can get this FD, which later system() calls will
+ # close by putting garbage into the socket.
+ $protect_fds = [];
+ push @{$protect_fds}, IO::Handle->new_from_fd(0, "r")
+ if fileno(STDIN) != 0;
+ push @{$protect_fds}, IO::Handle->new_from_fd(1, "w")
+ if fileno(STDOUT) != 1;
}
local $SIG{__WARN__};
RT::ConnectToDatabase();
+ # none of the methods in $r gives us the information we want (most
+ # canonicalize /foo/../bar to /bar which is exactly what we want to avoid)
+ my (undef, $requested) = split ' ', $r->the_request, 3;
+ my $uri = URI->new("http://".$r->hostname.$requested);
+ my $path = URI::Escape::uri_unescape($uri->path);
+
+ ## Each environment has its own way of handling .. and so on in paths,
+ ## so RT consistently forbids such paths.
+ if ( $path =~ m{/\.} ) {
+ $RT::Logger->crit("Invalid request for ".$path." aborting");
+ RT::Interface::Web::Handler->CleanupRequest();
+ return 400;
+ }
+
my (%session, $status);
{
local $@;