You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2006/03/03 09:52:01 UTC
DO NOT REPLY [Bug 38837] New: - post data >8k overflow via mod_ssl and mod_proxy ProxyPass
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=38837>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=38837
Summary: post data >8k overflow via mod_ssl and mod_proxy
ProxyPass
Product: Apache httpd-2
Version: 2.0.55
Platform: PC
OS/Version: FreeBSD
Status: NEW
Severity: normal
Priority: P2
Component: Core
AssignedTo: bugs@httpd.apache.org
ReportedBy: aragon@phat.za.net
Hi,
When data exceeding 8192 bytes is posted to a ProxyPass'd URL in an SSL
virtualhost, mod_proxy or mod_ssl overflows the data and transforms it in such
a way that it is useless after it is proxied.
I am able to consistently reproduce this as follows.
In a SSL virtualhost block:
<Location /test.cgi>
ProxyPass http://127.0.0.1:9010/test.cgi
</Location>
http://127.0.0.1:9010/ is a netcat listener whose output I'm teeing to a file.
I generated post data looking like this:
data=by10te0001by10te0002by10te0003... etc.
Each by10teXXXX is 10 bytes and repeats until the post data is 8200 bytes long
(including data=).
I submit it with curl: curl -d $( cat testdata.txt )
https://securesite/test.cgi
The tee output from netcat is:
---
POST /test.cgi HTTP/1.1^M
Host: 127.0.0.1:9010^M
User-Agent: curl/7.15.1 (i386-portbld-freebsd5.4) libcurl/7.15.1 OpenSSL/0.9.7e
zlib/1.2.1^M
Accept: */*^M
Content-Type: application/x-www-form-urlencoded^M
Expect: 100-continue^M
Max-Forwards: 10^M
X-Forwarded-For: <snip>^M
X-Forwarded-Host: <snip>^M
X-Forwarded-Server: <snip>^M
Content-Length: 8200^M
^M
819by10t0te0001by10te0002by10te0003<snip>by10te0818by10te0819by10t
---
I've <snip>'d information for briefness sake.
The post data comes out to 8200 bytes long, but has overflowed in some way and
been transformed.
If I perform this post to a ProxyPass that does not run in an SSL virtualhost,
it goes through unaltered.
Thanks,
Aragon
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 38837] - post data >8k overflow via mod_ssl and mod_proxy ProxyPass
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=38837>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=38837
rpluem@apache.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |DUPLICATE
------- Additional Comments From rpluem@apache.org 2006-03-03 15:14 -------
*** This bug has been marked as a duplicate of 37145 ***
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org