You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Ruediger Pluem <rp...@apache.org> on 2020/07/06 12:17:05 UTC

Re: svn commit: r1879546 - in /httpd/httpd/trunk: CHANGES modules/http2/h2_from_h1.c


On 7/6/20 2:13 PM, rpluem@apache.org wrote:
> Author: rpluem
> Date: Mon Jul  6 12:13:33 2020
> New Revision: 1879546
> 
> URL: http://svn.apache.org/viewvc?rev=1879546&view=rev
> Log:
> * Make get_line more robust in the case that it is called multiple times:
> 
>   - Safe the brigade between mutiple calls to correctly handle transient
>     buckets.
>   - Detect possible endless loops.
> 
> Modified:
>     httpd/httpd/trunk/CHANGES
>     httpd/httpd/trunk/modules/http2/h2_from_h1.c
> 

> Modified: httpd/httpd/trunk/modules/http2/h2_from_h1.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/http2/h2_from_h1.c?rev=1879546&r1=1879545&r2=1879546&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/modules/http2/h2_from_h1.c (original)
> +++ httpd/httpd/trunk/modules/http2/h2_from_h1.c Mon Jul  6 12:13:33 2020

> @@ -351,13 +352,17 @@ static apr_status_t get_line(h2_response
>          parser->tmp = apr_brigade_create(task->pool, task->c->bucket_alloc);
>      }
>      status = apr_brigade_split_line(parser->tmp, bb, APR_BLOCK_READ, 
> -                                    HUGE_STRING_LEN);
> +                                    len);
>      if (status == APR_SUCCESS) {
>          --len;
>          status = apr_brigade_flatten(parser->tmp, line, &len);
>          if (status == APR_SUCCESS) {
>              /* we assume a non-0 containing line and remove trailing crlf. */
>              line[len] = '\0';
> +            /*
> +             * XXX: What to do if there is an LF but no CRLF?
> +             *      Should we error out?
> +             */
>              if (len >= 2 && !strcmp(H2_CRLF, line + len - 2)) {
>                  len -= 2;
>                  line[len] = '\0';
> @@ -367,10 +372,47 @@ static apr_status_t get_line(h2_response
>                                task->id, line);
>              }
>              else {
> +                apr_off_t brigade_length;
> +
> +                /*
> +                 * If the brigade parser->tmp becomes longer than our buffer
> +                 * for flattening we never have a chance to get a complete
> +                 * line. This can happen if we are called multiple times after
> +                 * previous calls did not find a H2_CRLF and we returned
> +                 * APR_EAGAIN. In this case parser->tmp (correctly) grows
> +                 * with each call to apr_brigade_split_line.
> +                 *
> +                 * XXX: Currently a stack based buffer of HUGE_STRING_LEN is
> +                 * used. This means we cannot cope with lines larger than
> +                 * HUGE_STRING_LEN which might be an issue.
> +                 */


Any suggestions on both XXX comments above?

Regards

RĂ¼diger