You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Norihito Aimoto <ai...@gmail.com> on 2010/06/04 12:03:39 UTC

[users@httpd] mod_cgi / mod_cgid bug?

Before I submit this to the Apache bug database, I would like to hear
your comment about it.

[Symptom]

I used LimitRequestBody directive and then sent POST request which
size is over the value of LimitRequestBody.
I expected the response of Status 413 with the body which is set for the status.
However I got the Status 413 with the body including not only 413, but also 500.

[Analysis]

It happens when you use mod_cgid / mod_cgi and LimitRequestBody.
It might caused by the following mod_cgi's code :

--- L.836-843 in mod_cgi.c ---

        rv = ap_get_brigade(r->input_filters, bb, AP_MODE_READBYTES,
                            APR_BLOCK_READ, HUGE_STRING_LEN);

        if (rv != APR_SUCCESS) {
            ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
                          "Error reading request entity data");
            return HTTP_INTERNAL_SERVER_ERROR;
        }
-------------------------------------------------

Exceeding LimitRequestBody AP_FILTER_ERROR occurs in ap_get_brigade().
Apache put Status 413's body into the response at that time.

However following code returns HTTP_INTERNAL_SERVER_ERROR.
It means that Apache adds Status 500's body to the response.

I think the code might be like following :

-------------------------------------------------

        rv = ap_get_brigade(r->input_filters, bb, AP_MODE_READBYTES,
                            APR_BLOCK_READ, HUGE_STRING_LEN);

        if (rv != APR_SUCCESS) {
	if (rv == AP_FILTER_ERROR)
		return rv;
	else
		return HTTP_INTERNAL_SERVER_ERROR;
        }
-------------------------------------------------

I mention only mod_cgi, but mod_cgid includes the same issue.

I appriciate your comment.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org