Posted to cvs@httpd.apache.org by tr...@apache.org on 2002/02/05 23:56:44 UTC
cvs commit: httpd-2.0/server core.c
trawick 02/02/05 14:56:44
Modified: . CHANGES
server core.c
Log:
In core_input_filter, check for an empty brigade after
APR_BRIGADE_NORMALIZE(). Otherwise, we can get segfaults if a
client says it will post some data but we get FIN before any
data arrives.
Revision Changes Path
1.566 +5 -0 httpd-2.0/CHANGES
Index: CHANGES
===================================================================
RCS file: /home/cvs/httpd-2.0/CHANGES,v
retrieving revision 1.565
retrieving revision 1.566
diff -u -r1.565 -r1.566
--- CHANGES 5 Feb 2002 15:35:54 -0000 1.565
+++ CHANGES 5 Feb 2002 22:56:44 -0000 1.566
@@ -1,5 +1,10 @@
Changes with Apache 2.0.32-dev
+ *) In core_input_filter, check for an empty brigade after
+ APR_BRIGADE_NORMALIZE(). Otherwise, we can get segfaults if a
+ client says it will post some data but we get FIN before any
+ data arrives. [Jeff Trawick]
+
*) Not being able to bind to the socket is a fatal error. We should
print an error to the console, and return a non-zero status code.
With these changes, all of the Unix MPMs do that correctly.
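Review bot: the added entry at the top of the 2.0.32-dev list names the trigger (a client says it will post data, then FIN arrives before any data) but describes the effect only as "segfaults". The trigger is under the remote client's control, so consider saying plainly that a client closing the connection early could crash the server process handling the request. That way readers scanning CHANGES for security-relevant fixes will not pass over it.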
1.144 +6 -4 httpd-2.0/server/core.c
Index: core.c
===================================================================
RCS file: /home/cvs/httpd-2.0/server/core.c,v
retrieving revision 1.143
retrieving revision 1.144
diff -u -r1.143 -r1.144
--- core.c 5 Feb 2002 22:18:49 -0000 1.143
+++ core.c 5 Feb 2002 22:56:44 -0000 1.144
@@ -3058,14 +3058,16 @@
APR_BRIGADE_INSERT_TAIL(ctx->b, e);
net->in_ctx = ctx;
}
- else if (APR_BRIGADE_EMPTY(ctx->b)) {
- /* hit EOF on socket already */
- return APR_EOF;
- }
/* ### This is bad. */
APR_BRIGADE_NORMALIZE(ctx->b);
+ /* check for empty brigade *AFTER* APR_BRIGADE_NORMALIZE() */
+ if (APR_BRIGADE_EMPTY(ctx->b)) {
+ /* hit EOF on socket already */
+ return APR_EOF;
+ }
+
/* ### AP_MODE_PEEK is a horrific name for this mode because we also
* eat any CRLFs that we see. That's not the obvious intention of
* this mode. Determine whether anyone actually uses this or not. */
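Review bot: the new comment on the added `if (APR_BRIGADE_EMPTY(ctx->b))` check says the test must come *AFTER* APR_BRIGADE_NORMALIZE() but does not say why. The macro removes zero-length buckets, so a brigade that passed the old pre-normalize test can be empty by the time the code below reads from it. Stating that in the comment, and resolving the bare `/* ### This is bad. */` marker above the macro, would keep a later cleanup from moving the check back. The check also now runs on the first-call path, which the removed `else if` skipped. That looks intended, since that branch has just inserted `e`, but please confirm that bucket can never be normalized away and produce a spurious APR_EOF.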
Re: cvs commit: httpd-2.0/server core.c
Posted by Jeff Trawick <tr...@attglobal.net>.
Justin Erenkrantz <je...@ebuilt.com> writes:
> On Tue, Feb 05, 2002 at 10:56:44PM -0000, trawick@apache.org wrote:
> > trawick 02/02/05 14:56:44
> >
> > Modified: . CHANGES
> > server core.c
> > Log:
> > In core_input_filter, check for an empty brigade after
> > APR_BRIGADE_NORMALIZE(). Otherwise, we can get segfaults if a
> > client says it will post some data but we get FIN before any
> > data arrives.
>
> Ah, yes. That looks right. Do we think this fixes the
> daedalus cores? -- justin
I'm quite sure it fixes the prevalent scenario. Greg mentioned
another segfault flavor on the input side. I haven't looked at that
one to see what it is about.
--
Jeff Trawick | trawick@attglobal.net | PGP public key at web site:
http://www.geocities.com/SiliconValley/Park/9289/
Born in Roswell... married an alien...
Re: cvs commit: httpd-2.0/server core.c
Posted by Justin Erenkrantz <je...@ebuilt.com>.
On Tue, Feb 05, 2002 at 10:56:44PM -0000, trawick@apache.org wrote:
> trawick 02/02/05 14:56:44
>
> Modified: . CHANGES
> server core.c
> Log:
> In core_input_filter, check for an empty brigade after
> APR_BRIGADE_NORMALIZE(). Otherwise, we can get segfaults if a
> client says it will post some data but we get FIN before any
> data arrives.
Ah, yes. That looks right. Do we think this fixes the
daedalus cores? -- justin