1
# Description: fix information disclosure via improper handling of
2
# headers in subrequests
3
# Origin: backport, http://svn.apache.org/viewvc?view=revision&revision=917867
4
# Bug: https://issues.apache.org/bugzilla/show_bug.cgi?id=48359
6
diff -Naur build-tree.orig/apache2/server/protocol.c build-tree/apache2/server/protocol.c
7
--- build-tree.orig/apache2/server/protocol.c 2010-03-08 14:15:31.000000000 -0500
8
+++ build-tree/apache2/server/protocol.c 2010-03-08 14:32:09.000000000 -0500
11
rnew->status = HTTP_OK;
13
- rnew->headers_in = r->headers_in;
14
+ rnew->headers_in = apr_table_copy(rnew->pool, r->headers_in);
15
rnew->subprocess_env = apr_table_copy(rnew->pool, r->subprocess_env);
16
rnew->headers_out = apr_table_make(rnew->pool, 5);
17
rnew->err_headers_out = apr_table_make(rnew->pool, 5);