#
# os2_filestat_security_fix.patch for Apache 2.0.44
#
# Authoritative location:
#
# http://www.apache.org/dist/httpd/patches/apply_to_2.0.45/
#
# *) SECURITY [CAN-2003-0134] OS2: Fix a Denial of Service vulnerability
# identified and reported by Robert Howard that
# where device names faulted the running OS2 worker process.
# The fix is actually in APR 0.9.4. [Brian Havard]
#
# That CHANGES entry reads;
#
# *) OS/2: apr_stat() fixes - When a character device is stat'ed,
# fill in finfo.name if it was asked for. Return APR_INCOMPLETE
# when appropriate. Addresses httpd incident [CAN-2003-0134].
# [Brian Havard]
#
# This patch only affects the OS2 platform.
#
Index: srclib/apr/file_io/os2/filestat.c
===================================================================
RCS file: /home/cvspublic/apr/file_io/os2/filestat.c,v
retrieving revision 1.34
retrieving revision 1.35
diff -u -r1.34 -r1.35
--- srclib/apr/file_io/os2/filestat.c 2003/01/07 00:52:51 1.34
+++ srclib/apr/file_io/os2/filestat.c 2003/03/31 12:31:40 1.35
@@ -186,17 +186,21 @@
 finfo->valid |= APR_FINFO_NAME;
 }
 }
-
- return APR_SUCCESS;
 } else if (rc == ERROR_INVALID_ACCESS) {
 memset(finfo, 0, sizeof(apr_finfo_t));
 finfo->valid = APR_FINFO_TYPE | APR_FINFO_PROT;
 finfo->protection = 0666;
 finfo->filetype = APR_CHR;
- return APR_SUCCESS;
+
+ if (wanted & APR_FINFO_NAME) {
+ finfo->name = apr_pstrdup(cont, fname);
+ finfo->valid |= APR_FINFO_NAME;
+ }
+ } else {
+ return APR_FROM_OS_ERROR(rc);
 }
-
- return APR_FROM_OS_ERROR(rc);
+
+ return (wanted & ~finfo->valid) ? APR_INCOMPLETE : APR_SUCCESS;
 }
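Review bot: The `ERROR_INVALID_ACCESS` branch has no comment saying it is the device-name case, and its `memset` leaves every field not listed in `finfo->valid` zeroed, pointer fields included. I would add above the `memset`: `/* Path names a character device: only type, protection and (if wanted) name are filled in; everything else is zero, so callers must test finfo->valid. */`. The new final `return` also applies to the `rc == 0` branch, so callers that test only for `APR_SUCCESS` will now see `APR_INCOMPLETE` for ordinary files whenever a requested field was not filled; that looks intended, but it deserves a line in the function's header comment. The function begins above this hunk, so the header comment and the `rc == 0` branch are not visible here.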