You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by wr...@apache.org on 2016/08/05 09:13:26 UTC
svn commit: r1755264 - /httpd/httpd/trunk/server/protocol.c
Author: wrowe
Date: Fri Aug 5 09:13:26 2016
New Revision: 1755264
URL: http://svn.apache.org/viewvc?rev=1755264&view=rev
Log:
Stop reflecting irrelevant data to the request error notes, particularly
for abusive and malformed traffic the non-technical consumer of a user-agent
has no control over.
Simply take note where the administrator-configured limits have been exceeded,
that administrator can find details in the error log if desired.
Modified:
httpd/httpd/trunk/server/protocol.c
Modified: httpd/httpd/trunk/server/protocol.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/protocol.c?rev=1755264&r1=1755263&r2=1755264&view=diff
==============================================================================
--- httpd/httpd/trunk/server/protocol.c (original)
+++ httpd/httpd/trunk/server/protocol.c Fri Aug 5 09:13:26 2016
@@ -808,23 +808,9 @@ AP_DECLARE(void) ap_get_mime_headers_cor
* exceeds the configured limit for a field size.
*/
if (rv == APR_ENOSPC) {
- const char *field_escaped;
- if (field && len) {
- /* ensure ap_escape_html will terminate correctly */
- field[len - 1] = '\0';
- field_escaped = ap_escape_html(r->pool, field);
- }
- else {
- field_escaped = field = "";
- }
-
apr_table_setn(r->notes, "error-notes",
- apr_psprintf(r->pool,
- "Size of a request header field "
- "exceeds server limit.<br />\n"
- "<pre>\n%.*s\n</pre>\n",
- field_name_len(field_escaped),
- field_escaped));
+ "Size of a request header field "
+ "exceeds server limit.");
ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00561)
"Request header exceeds LimitRequestFieldSize%s"
"%.*s",
@@ -880,21 +866,13 @@ AP_DECLARE(void) ap_get_mime_headers_cor
fold_len = last_len + len + 1; /* trailing null */
if (fold_len >= (apr_size_t)(r->server->limit_req_fieldsize)) {
- const char *field_escaped;
-
r->status = HTTP_BAD_REQUEST;
/* report what we have accumulated so far before the
* overflow (last_field) as the field with the problem
*/
- field_escaped = ap_escape_html(r->pool, last_field);
apr_table_setn(r->notes, "error-notes",
- apr_psprintf(r->pool,
- "Size of a request header field "
- "after folding "
- "exceeds server limit.<br />\n"
- "<pre>\n%.*s\n</pre>\n",
- field_name_len(field_escaped),
- field_escaped));
+ "Size of a request header field "
+ "exceeds server limit.");
ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00562)
"Request header exceeds LimitRequestFieldSize "
"after folding: %.*s",
@@ -949,13 +927,6 @@ AP_DECLARE(void) ap_get_mime_headers_cor
if (!(value = strchr(last_field, ':'))) { /* Find ':' or */
r->status = HTTP_BAD_REQUEST; /* abort bad request */
- apr_table_setn(r->notes, "error-notes",
- apr_psprintf(r->pool,
- "Request header field is "
- "missing ':' separator.<br />\n"
- "<pre>\n%.*s</pre>\n",
- (int)LOG_NAME_MAX_LEN,
- ap_escape_html(r->pool, last_field)));
ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00564)
"Request header field is missing ':' "
"separator: %.*s", (int)LOG_NAME_MAX_LEN,
@@ -983,13 +954,6 @@ AP_DECLARE(void) ap_get_mime_headers_cor
value = (char *)ap_scan_http_token(last_field);
if ((value == last_field) || *value != ':') {
r->status = HTTP_BAD_REQUEST;
- apr_table_setn(r->notes, "error-notes",
- apr_psprintf(r->pool,
- "Request header field name "
- "is malformed.<br />\n"
- "<pre>\n%.*s</pre>\n",
- (int)LOG_NAME_MAX_LEN,
- ap_escape_html(r->pool, last_field)));
ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(02426)
"Request header field name is malformed: "
"%.*s", (int)LOG_NAME_MAX_LEN, last_field);
@@ -1012,13 +976,6 @@ AP_DECLARE(void) ap_get_mime_headers_cor
*/
if (*tmp_field != '\0') {
r->status = HTTP_BAD_REQUEST;
- apr_table_setn(r->notes, "error-notes",
- apr_psprintf(r->pool,
- "Request header value "
- "is malformed.<br />\n"
- "<pre>\n%.*s</pre>\n",
- (int)LOG_NAME_MAX_LEN,
- ap_escape_html(r->pool, value)));
ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(02427)
"Request header value is malformed: "
"%.*s", (int)LOG_NAME_MAX_LEN, value);
Re: svn commit: r1755264 - /httpd/httpd/trunk/server/protocol.c
Posted by Yann Ylavic <yl...@gmail.com>.
On Fri, Aug 5, 2016 at 11:13 AM, <wr...@apache.org> wrote:
> Author: wrowe
> Date: Fri Aug 5 09:13:26 2016
> New Revision: 1755264
>
> URL: http://svn.apache.org/viewvc?rev=1755264&view=rev
> Log:
> Stop reflecting irrelevant data to the request error notes, particularly
> for abusive and malformed traffic the non-technical consumer of a user-agent
> has no control over.
>
> Simply take note where the administrator-configured limits have been exceeded,
> that administrator can find details in the error log if desired.
>
>
> Modified:
> httpd/httpd/trunk/server/protocol.c
>
> Modified: httpd/httpd/trunk/server/protocol.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/protocol.c?rev=1755264&r1=1755263&r2=1755264&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/server/protocol.c (original)
> +++ httpd/httpd/trunk/server/protocol.c Fri Aug 5 09:13:26 2016
> @@ -808,23 +808,9 @@ AP_DECLARE(void) ap_get_mime_headers_cor
> * exceeds the configured limit for a field size.
> */
> if (rv == APR_ENOSPC) {
> - const char *field_escaped;
> - if (field && len) {
> - /* ensure ap_escape_html will terminate correctly */
> - field[len - 1] = '\0';
> - field_escaped = ap_escape_html(r->pool, field);
> - }
> - else {
> - field_escaped = field = "";
> - }
'field' can still be NULL here when rgetline returns NOSPC, hence
field_name_len(field) below segfaults.
That's I guess what Jim observes in t/apache/limits.t...