From 89af71af15afe1d09364de91e5a2464b8369e1fb Mon Sep 17 00:00:00 2001 From: Joe Orton Date: Fri, 6 Jun 2025 10:36:00 +0000 Subject: [PATCH] * modules/dav/fs/repos.c (dav_fs_remove_resource): Return a 404 if apr_file_remove() fails with an ENOENT error, likely due to a race with another DELETE. PR: 60746 Github: closes #535 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1926172 13f79535-47bb-0310-9956-ffa450edef68 (cherry picked from commit 39265983d176647fff3c8467a2823244d6f03ee4) --- changes-entries/pr60746.txt | 2 ++ modules/dav/fs/repos.c | 12 ++++++++++-- 2 files changed, 12 insertions(+), 2 deletions(-) create mode 100644 changes-entries/pr60746.txt diff --git a/changes-entries/pr60746.txt b/changes-entries/pr60746.txt new file mode 100644 index 00000000000..d8401fd73e5 --- /dev/null +++ b/changes-entries/pr60746.txt @@ -0,0 +1,2 @@ + *) mod_dav_fs: Return a 404 for DELETE if deletion fails because the + resource no longer exists. PR 60746. [Joe Orton] diff --git a/modules/dav/fs/repos.c b/modules/dav/fs/repos.c index 64bc894cf66..cead8b19cc1 100644 --- a/modules/dav/fs/repos.c +++ b/modules/dav/fs/repos.c @@ -1486,8 +1486,16 @@ static dav_error * dav_fs_remove_resource(dav_resource *resource, /* not a collection; remove the file and its properties */ if ((status = apr_file_remove(info->pathname, info->pool)) != APR_SUCCESS) { - /* ### put a description in here */ - return dav_new_error(info->pool, HTTP_FORBIDDEN, 0, status, NULL); + if (APR_STATUS_IS_ENOENT(status)) { + /* Return a 404 if there is a race with another DELETE, + * per RFC 4918ยง9.6. */ + return dav_new_error(info->pool, HTTP_NOT_FOUND, 0, status, + "Cannot remove already-removed resource."); + } + else { + return dav_new_error(info->pool, HTTP_FORBIDDEN, 0, status, + "Cannot remove resource"); + } } /* update resource state */