You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by André Malo <nd...@perlig.de> on 2005/10/15 21:00:47 UTC
Re: svn commit: r321449 - in /httpd/mod_mbox/trunk/module-2.0: mod_mbox_file.c mod_mbox_index.c
* pquerna@apache.org wrote:
>
> - if (r->header_only)
> - status = OK;
> + if (r->header_only) {
> + return OK;
> + }
Actually I think, any code that checks for header_only is wrong. The core
will take care of it. Not treating HEAD requests special ensures, that the
RFC is fullfilled (HEAD == GET but without a body, in particular the
headers remain the same).
nd
--
sub the($){+shift} sub answer (){ord q
[* It is always 42! *] }
print the answer
# André Malo # http://pub.perlig.de/ #
Re: svn commit: r321449 - in /httpd/mod_mbox/trunk/module-2.0: mod_mbox_file.c
mod_mbox_index.c
Posted by Paul Querna <ch...@force-elite.com>.
Justin Erenkrantz wrote:
> On Sat, Oct 15, 2005 at 12:08:15PM -0700, Paul Querna wrote:
>> Except when we get a HEAD request, r->path_info is filled with bogus
>> data, which causes mod_mbox to crash way deep inside itself.
>
> Why isn't r->path_info filled out correctly?
>
> If the request's path_info itself is bogus, that should be rejected
> outright by mod_mbox regardless of the method. -- justin
(gdb) where
#0 get_base_uri (r=0x60000000001eb598) at mod_mbox.c:197
#1 0x2000000001007a10 in get_base_path (r=0x60000000001eb598)
at mod_mbox.c:178
#2 0x200000000100cfa0 in mbox_static_message (r=0x60000000001eb420,
f=0x600000000020ac60) at mod_mbox_out.c:1103
#3 0x2000000001008ca0 in mbox_file_handler (r=0x60000000001eb420)
at mod_mbox_file.c:231
#4 0x4000000000035f90 in ap_run_handler (r=0x60000000001eb420) at
config.c:153
....
(gdb) f 0
#0 get_base_uri (r=0x60000000001eb598) at mod_mbox.c:197
(gdb) l
192 {
193 char *baseURI, *temp;
194
195 baseURI = apr_pstrdup(r->pool, r->uri);
196 temp = strstr(baseURI, r->path_info);
197 if (temp) {
198 *temp = '\0';
199 }
200 return baseURI;
201 }
(gdb) p r->path_info
$5 = 0x6000000000000019 <Address 0x6000000000000019 out of bounds>
(gdb) p r->header_only
$6 = 1
Feel free to look at it on ajax:
gdb /usr/local/apache2-install/www.apache.org/current/bin/httpd
core.13385
-Paul
Re: svn commit: r321449 - in /httpd/mod_mbox/trunk/module-2.0: mod_mbox_file.c mod_mbox_index.c
Posted by Justin Erenkrantz <ju...@erenkrantz.com>.
On Sat, Oct 15, 2005 at 12:08:15PM -0700, Paul Querna wrote:
> Except when we get a HEAD request, r->path_info is filled with bogus
> data, which causes mod_mbox to crash way deep inside itself.
Why isn't r->path_info filled out correctly?
If the request's path_info itself is bogus, that should be rejected
outright by mod_mbox regardless of the method. -- justin
Re: svn commit: r321449 - in /httpd/mod_mbox/trunk/module-2.0: mod_mbox_file.c
mod_mbox_index.c
Posted by Paul Querna <ch...@force-elite.com>.
André Malo wrote:
> * pquerna@apache.org wrote:
>
>> - if (r->header_only)
>> - status = OK;
>> + if (r->header_only) {
>> + return OK;
>> + }
>
> Actually I think, any code that checks for header_only is wrong. The core
> will take care of it. Not treating HEAD requests special ensures, that the
> RFC is fullfilled (HEAD == GET but without a body, in particular the
> headers remain the same).
Except when we get a HEAD request, r->path_info is filled with bogus
data, which causes mod_mbox to crash way deep inside itself.
-Paul