You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by yl...@apache.org on 2014/07/18 23:03:41 UTC
svn commit: r1611806 - in /httpd/httpd/branches/2.2.x: ./ CHANGES STATUS
modules/filters/mod_deflate.c
Author: ylavic
Date: Fri Jul 18 21:03:41 2014
New Revision: 1611806
URL: http://svn.apache.org/r1611806
Log:
Merge r1572092 from trunk:
mod_deflate: fix decompression of files larger than 4GB. According to RFC1952,
Input SIZE (compLen) contains the size of the original input data modulo 2^32.
PR: 56062
Submitted by: Lukas Bezdicka
Reviewed by: ylavic, breser, wrowe
Modified:
httpd/httpd/branches/2.2.x/ (props changed)
httpd/httpd/branches/2.2.x/CHANGES
httpd/httpd/branches/2.2.x/STATUS
httpd/httpd/branches/2.2.x/modules/filters/mod_deflate.c
Propchange: httpd/httpd/branches/2.2.x/
------------------------------------------------------------------------------
Merged /httpd/httpd/trunk:r1572092
Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=1611806&r1=1611805&r2=1611806&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Fri Jul 18 21:03:41 2014
@@ -21,6 +21,9 @@ Changes with Apache 2.2.28
Fix a race condition in scoreboard handling, which could lead to
a heap buffer overflow. [Joe Orton, Eric Covener, Jeff Trawick]
+ *) mod_deflate: Fix inflation of files larger than 4GB. PR 56062.
+ [Lukas Bezdicka <social v3.sk>]
+
*) mod_dav: Fix improper encoding in PROPFIND responses. PR 56480.
[Ben Reser]
Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=1611806&r1=1611805&r2=1611806&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Fri Jul 18 21:03:41 2014
@@ -99,16 +99,6 @@ RELEASE SHOWSTOPPERS:
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- * mod_deflate: Fix decompression of files larger than 4GB. According to RFC1952,
- Input SIZE contains the size of the original input data modulo 2^32.
- PR 56062.
- trunk patch: http://svn.apache.org/r1572092
- http://svn.apache.org/r1603156 (partially, CHANGES update)
- 2.4.x patch: http://svn.apache.org/r1604460 (2.4.10)
- 2.2.x patch: http://people.apache.org/~ylavic/httpd-2.2.x-mod_deflate_4GB.patch
- (modulo CHANGES)
- +1: ylavic, breser, wrowe
-
* mod_proxy: Don't reuse a SSL backend connection whose SNI differs. PR 55782.
This may happen when ProxyPreserveHost is on and the proxy-worker
handles connections to different Hosts.
Modified: httpd/httpd/branches/2.2.x/modules/filters/mod_deflate.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/filters/mod_deflate.c?rev=1611806&r1=1611805&r2=1611806&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/filters/mod_deflate.c (original)
+++ httpd/httpd/branches/2.2.x/modules/filters/mod_deflate.c Fri Jul 18 21:03:41 2014
@@ -1062,7 +1062,8 @@ static apr_status_t deflate_in_filter(ap
}
ctx->stream.next_in += 4;
compLen = getLong(ctx->stream.next_in);
- if (ctx->stream.total_out != compLen) {
+ /* gzip stores original size only as 4 byte value */
+ if ((ctx->stream.total_out & 0xFFFFFFFF) != compLen) {
inflateEnd(&ctx->stream);
return APR_EGENERAL;
}
@@ -1253,7 +1254,8 @@ static apr_status_t inflate_out_filter(a
}
ctx->validation_buffer += VALIDATION_SIZE / 2;
compLen = getLong(ctx->validation_buffer);
- if (ctx->stream.total_out != compLen) {
+ /* gzip stores original size only as 4 byte value */
+ if ((ctx->stream.total_out & 0xFFFFFFFF) != compLen) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
"Zlib: Length of inflated stream invalid");
return APR_EGENERAL;