[mod_python] Bug in setting interpreter name with PythonInterpPerDirectory.

Graham Dumpleton grahamd at dscpl.com.au
Thu Nov 11 21:59:27 EST 2004

On Nov 10 15:18, Graham Dumpleton <grahamd at dscpl.com.au> wrote:
> Subject: [mod_python] Bug in setting up of config_dir from Handler directives.
> I wander where else there are little mistakes like this in mod_python
> where it doesn't take into consideration that Apache passed it POSIX
> style pathnames and not Win32 ones.
> Anyway, possibly another one for the TODO list of things to fix. Someone
> want to confirm this analysis or make the change and see what happens
> then.

Having a very quick look at mod_python.c, the SLASH macros get used in only
one other spot. It is mentioned in other places, but that code is commented

The code in this case is in select_interp_name() and it to is wrong, although
it has a couple of problems and gives slightly undesirable results on UNIX
platforms as well in certain cirsumstances.

Consider a publisher based content handler containing:

  def index(req):
    return req.interpreter

If you do not have the PythonInterPerDirectory diective turned on, accessing
that page will generate the virtual/actual host of the web server. Eg.


If you turn on the PythonInterpPerDirectory and access the page explicitly
as for example:


You get something like:


The trailing slash "/" is put there by the select_interp_name() function. If this
were on Win32, you probably end up with:


Now, if the actual directory is accessed instead and the automagic mapping to
the index() method in the file is relied upon, ie., request as:


You first get redirected to:


and the result you get back is:


Again, the final trailing '/' is put there by select_interp_name(). On Win32, this is
thus likely to be:


In summary, there are two problems here.

First is that on Win32 it is most likely going to use '\' even though rest of the path
uses POSIX naming style.

Second is that the code doesn't check to see if there already is a trailing slash with
the result that although access to the directory and the file should result in the
same interpreter name, it doesn't.

This latter problem means that the same index() method can get executed within
the context of two different interpreters dependent on which URL you used. This
shouldn't be the case and could cause problems in some applications.

I haven't worked out the actual patch required in this case because of there being
two issues and because I haven't looked through the code enough to know where
to look to see if there already is a trailing slash. At the minimum, the use of SLASH_S
should be changed to "/" in that part of the select_interp_name() method.

Anyone on Win32 want to see if my assumptions about what happens there is

Graham Dumpleton (grahamd at dscpl.com.au)

More information about the Mod_python mailing list