| 126 | } |
| 127 | |
| 128 | static apr_status_t cgi_handle_exec(include_ctx_t *ctx, ap_filter_t *f, |
| 129 | apr_bucket_brigade *bb) |
| 130 | { |
| 131 | char *tag = NULL; |
| 132 | char *tag_val = NULL; |
| 133 | request_rec *r = f->r; |
| 134 | char *file = r->filename; |
| 135 | char parsed_string[MAX_STRING_LEN]; |
| 136 | |
| 137 | if (!ctx->argc) { |
| 138 | ap_log_rerror(APLOG_MARK, |
| 139 | (ctx->flags & SSI_FLAG_PRINTING) |
| 140 | ? APLOG_ERR : APLOG_WARNING, |
| 141 | 0, r, APLOGNO(03195) |
| 142 | "missing argument for exec element in %s", r->filename); |
| 143 | } |
| 144 | |
| 145 | if (!(ctx->flags & SSI_FLAG_PRINTING)) { |
| 146 | return APR_SUCCESS; |
| 147 | } |
| 148 | |
| 149 | if (!ctx->argc) { |
| 150 | SSI_CREATE_ERROR_BUCKET(ctx, f, bb); |
| 151 | return APR_SUCCESS; |
| 152 | } |
| 153 | |
| 154 | if (ctx->flags & SSI_FLAG_NO_EXEC) { |
| 155 | ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01228) "exec used but not allowed " |
| 156 | "in %s", r->filename); |
| 157 | SSI_CREATE_ERROR_BUCKET(ctx, f, bb); |
| 158 | return APR_SUCCESS; |
| 159 | } |
| 160 | |
| 161 | while (1) { |
| 162 | cgi_pfn_gtv(ctx, &tag, &tag_val, SSI_VALUE_DECODED); |
| 163 | if (!tag || !tag_val) { |
| 164 | break; |
| 165 | } |
| 166 | |
| 167 | if (!strcmp(tag, "cmd")) { |
| 168 | apr_status_t rv; |
| 169 | |
| 170 | cgi_pfn_ps(ctx, tag_val, parsed_string, sizeof(parsed_string), |
| 171 | SSI_EXPAND_LEAVE_NAME); |
| 172 | |
| 173 | rv = include_cmd(ctx, f, bb, parsed_string); |
| 174 | if (rv != APR_SUCCESS) { |
| 175 | ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01229) "execution failure " |
| 176 | "for parameter \"%s\" to tag exec in file %s", |
| 177 | tag, r->filename); |
| 178 | SSI_CREATE_ERROR_BUCKET(ctx, f, bb); |
| 179 | break; |
| 180 | } |
| 181 | } |
| 182 | else if (!strcmp(tag, "cgi")) { |
| 183 | apr_status_t rv; |
| 184 | |
| 185 | cgi_pfn_ps(ctx, tag_val, parsed_string, sizeof(parsed_string), |
nothing calls this directly
no test coverage detected