Fix the argument passed to ap_get/set_module_config in cas_get/set_at…

…tributes The parameter was incorrectly set to the request_rec pointer itself rather than the request_config field of the request. Depending on Apache's configuration, this resulted in different parts of the request structure being overwritten with the attribute pointer. In many cases, it worked correctly by accident. This change correctly uses the request_config conf_vector for ap_get/set_module_config. In addition to that change, cas_get_attributes also works better in a subrequest: if no attributes are found in the subrequest, it will look in the parent request for attributes.
jtdaugherty · Dec 6, 2011 · 60eede2 · 60eede2
1 parent 496d836
commit 60eede2
Showing 1 changed file with 19 additions and 5 deletions.
diff --git a/src/mod_auth_cas.c b/src/mod_auth_cas.c
@@ -2037,17 +2037,31 @@ int cas_authenticate(request_rec *r)
 /* Store a reference to the request's attributes for later use.
  * Subsequent calls to cas_get_attributes() with the same request
  * object will return this same set of attributes. Note that the
- * attributes are stored directly, and not copied. */
+ * attributes are stored directly, and not copied. In particular,
+ * beware that the attributes must live at least as long as the
+ * specified request. */
 void cas_set_attributes(request_rec *r, cas_saml_attr *const attrs) {
-	ap_set_module_config(r, &auth_cas_module, attrs);
+	/* Always set the attributes in the current request, even if
+	 * it is a subrequest, because we always allocate memory in
+	 * the current request, so we run the risk of accessing freed
+	 * memory if we were to set it in the main request. */
+	ap_set_module_config(r->request_config, &auth_cas_module, attrs);
 }
 
 /* Get a reference to the attributes that were previously stored for
- * this request. If no attributes have been stored, this function will
- * return NULL.
+ * this request (or its main request). If no attributes have been
+ * stored, this function will return NULL.
  */
 const cas_saml_attr *cas_get_attributes(request_rec *r) {
-	return ap_get_module_config(r, &auth_cas_module);
+	/* If we have attribute stored in this request, then use them. If
+	 * not, then check the main request (if any). */
+	const cas_saml_attr *attrs = ap_get_module_config(r->request_config,
+							  &auth_cas_module);
+	if (attrs == NULL && r->main != NULL) {
+		return cas_get_attributes(r->main);
+	} else {
+		return attrs;
+	}
 }
 
 /* Look for an attribute that matches the given attribute spec (e.g.