authorStefan Fritsch <sf@apache.org>2011-09-15 19:55:27 +0000
committerStefan Fritsch <sf@apache.org>2011-09-15 19:55:27 +0000
commitb279698681cc37e284a0ac97c91f0d6314982350 (patch)
tree4de01090cc017b067d521e486495999ede65eb3a /modules/http
parent19e145371d69aa73b51b420d8423642e5abb9028 (diff)
use random value as multipart range boundary to prevent leaking information
about the used MPM git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1171250 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'modules/http')
-rw-r--r--modules/http/byterange_filter.c12
1 files changed, 5 insertions, 7 deletions
diff --git a/modules/http/byterange_filter.c b/modules/http/byterange_filter.c
index 93371ae87e..c9d942fc18 100644
--- a/modules/http/byterange_filter.c
+++ b/modules/http/byterange_filter.c
@@ -442,7 +442,6 @@ AP_CORE_DECLARE_NONSTD(apr_status_t) ap_byterange_filter(ap_filter_t *f,
apr_status_t rv;
int found = 0;
int num_ranges;
- char *boundary = NULL;
char *bound_head = NULL;
apr_array_header_t *indexes;
indexes_t *idx;
@@ -505,17 +504,15 @@ AP_CORE_DECLARE_NONSTD(apr_status_t) ap_byterange_filter(ap_filter_t *f,
if (num_ranges > 1) {
/* Is ap_make_content_type required here? */
const char *orig_ct = ap_make_content_type(r, r->content_type);
- boundary = apr_psprintf(r->pool, "%" APR_UINT64_T_HEX_FMT "%lx",
- (apr_uint64_t)r->request_time, c->id);
ap_set_content_type(r, apr_pstrcat(r->pool, "multipart",
use_range_x(r) ? "/x-" : "/",
"byteranges; boundary=",
- boundary, NULL));
+ ap_multipart_boundary, NULL));
if (orig_ct) {
bound_head = apr_pstrcat(r->pool,
- CRLF "--", boundary,
+ CRLF "--", ap_multipart_boundary,
CRLF "Content-type: ",
orig_ct,
CRLF "Content-range: bytes ",
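Review bot: The `apr_pstrcat` calls in this hunk, and the ones in the hunks at -524 and -596, now take `ap_multipart_boundary`, but its definition, generation and lifetime are not visible in this diff, so nothing at the use site says whether the value is per-request or fixed for the process. If it is created once at startup (the name suggests a global), every multipart/byteranges response carries the same delimiter and any client can read it from a single response; RFC 2046 expects the delimiter not to occur inside the enclosed parts, which a fixed value cannot guarantee for content the server does not control. I would add a comment above the `ap_set_content_type` call, for example `/* ap_multipart_boundary is generated outside this file; it replaces request_time/c->id so the boundary no longer exposes the connection id */`, and have the definition document its random source and when it is refreshed. ap_byterange_filter starts and ends outside this hunk.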
@@ -524,7 +521,7 @@ AP_CORE_DECLARE_NONSTD(apr_status_t) ap_byterange_filter(ap_filter_t *f,
else {
/* if we have no type for the content, do our best */
bound_head = apr_pstrcat(r->pool,
- CRLF "--", boundary,
+ CRLF "--", ap_multipart_boundary,
CRLF "Content-range: bytes ",
NULL);
}
@@ -596,7 +593,8 @@ AP_CORE_DECLARE_NONSTD(apr_status_t) ap_byterange_filter(ap_filter_t *f,
char *end;
/* add the final boundary */
- end = apr_pstrcat(r->pool, CRLF "--", boundary, "--" CRLF, NULL);
+ end = apr_pstrcat(r->pool, CRLF "--", ap_multipart_boundary, "--" CRLF,
+ NULL);
ap_xlate_proto_to_ascii(end, strlen(end));
e = apr_bucket_pool_create(end, strlen(end), r->pool, c->bucket_alloc);
APR_BRIGADE_INSERT_TAIL(bsend, e);