You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by wr...@apache.org on 2016/12/22 22:59:59 UTC
svn commit: r1775769 - in /httpd/httpd/branches/2.2.x-merge-http-strict: ./
CHANGES server/protocol.c
Author: wrowe
Date: Thu Dec 22 22:59:59 2016
New Revision: 1775769
URL: http://svn.apache.org/viewvc?rev=1775769&view=rev
Log:
Backports: r1683123
Submitted by: ylavic
core: Avoid a possible truncation of the faulty header included in the
HTML response when LimitRequestFieldSize is reached.
Modified:
httpd/httpd/branches/2.2.x-merge-http-strict/ (props changed)
httpd/httpd/branches/2.2.x-merge-http-strict/CHANGES
httpd/httpd/branches/2.2.x-merge-http-strict/server/protocol.c
Propchange: httpd/httpd/branches/2.2.x-merge-http-strict/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Thu Dec 22 22:59:59 2016
@@ -1,3 +1,3 @@
/httpd/httpd/branches/2.2.x:1710095,1727544,1758672
/httpd/httpd/branches/2.4.x:1555538,1555559,1648845,1649003,1681034,1682929,1682939
-/httpd/httpd/trunk:290940,395552,417988,451572,501364,583817,583830,611483,630858,639005,639010,647395,657354,657459,660461,660566,664330,678761,680082,681190,682369,683626,685112,686805,686809,687099,687754,693120,693392,693727-693728,696006,697093,706318,707163,708902,711421,713575,719357,720250,729316-729317,729586,732414,732504,732816,732832,733127,733134,733218-733219,734710,743589,755190,756671,756675,756678,756683,757741,761329,763394,764239,768535,769809,771587,771610,776325,777042,777091,778438-778439,778531,778942,780648,780655,780692,780697,780699,785457,785661,790587,803704,819480,823536,823563,834378,835046,891282,892678,892808,900022,932791,942209,952823,953311,955966,979120,981084,992625,1026743,1031551,1040304,1040373,1057372,1058192,1070096,1082189,1082196,1090645,1100511,1172732,1178566,1185385,1188745,1200040,1200372,1200374,1213380,1213391,1222335,1223048,1231446,1237407,1244211,1294306,1299738,1300171,1301111,1308862,1327036,1327080,1328133,1328325-1328326,13453
19,1348656,1349905,1352911-1352912,1363183,1363186,1366344,1367778,1368131,1368396,1369568,1392347,1395225,1398066,1400700,1407004,1407088,1407528,1408402,1410681,1413732,1414094,1416889,1418752,1422234,1422253,1433613,1435178,1447426,1470940,1475878,1476604,1476621,1476642,1476644-1476645,1477530,1483005,1484852,1485409,1485668,1490994,1493330,1496429,1500323,1504276,1506714,1509872,1509875,1514215,1524192,1524770,1526168,1526189,1527291,1527295,1527925,1528718,1529559,1529988,1529991,1531505,1532816,1551685,1551714,1552227,1553204,1554276,1554281,1555240,1555555,1556428,1563420,1572092,1572198,1572543,1572611,1572630,1572655,1572663,1572668-1572671,1572896,1572911,1572967,1573224,1573229,1575400,1585090,1586745,1587594,1587639,1588851,1590509,1603156,1604353,1610207,1610311,1610491,1610501,1611165,1611169,1620932,1621453,1643537,1643543,1648840,1649001,1649043,1650310,1650320,1652929,1653997,1657897,1658765,1663647,1664205,1665215,1665218,1665625,1665721,1666363,1674056,1675533,16
76654,1677462,1679182,1679470,1680895,1680900,1680942,1681037,1682923,1682937,1684513,1685345,1685347,1685349-1685350,1688274,1688536,1688538,1710095,1727544
+/httpd/httpd/trunk:290940,395552,417988,451572,501364,583817,583830,611483,630858,639005,639010,647395,657354,657459,660461,660566,664330,678761,680082,681190,682369,683626,685112,686805,686809,687099,687754,693120,693392,693727-693728,696006,697093,706318,707163,708902,711421,713575,719357,720250,729316-729317,729586,732414,732504,732816,732832,733127,733134,733218-733219,734710,743589,755190,756671,756675,756678,756683,757741,761329,763394,764239,768535,769809,771587,771610,776325,777042,777091,778438-778439,778531,778942,780648,780655,780692,780697,780699,785457,785661,790587,803704,819480,823536,823563,834378,835046,891282,892678,892808,900022,932791,942209,952823,953311,955966,979120,981084,992625,1026743,1031551,1040304,1040373,1057372,1058192,1070096,1082189,1082196,1090645,1100511,1172732,1178566,1185385,1188745,1200040,1200372,1200374,1213380,1213391,1222335,1223048,1231446,1237407,1244211,1294306,1299738,1300171,1301111,1308862,1327036,1327080,1328133,1328325-1328326,13453
19,1348656,1349905,1352911-1352912,1363183,1363186,1366344,1367778,1368131,1368396,1369568,1392347,1395225,1398066,1400700,1407004,1407088,1407528,1408402,1410681,1413732,1414094,1416889,1418752,1422234,1422253,1433613,1435178,1447426,1470940,1475878,1476604,1476621,1476642,1476644-1476645,1477530,1483005,1484852,1485409,1485668,1490994,1493330,1496429,1500323,1504276,1506714,1509872,1509875,1514215,1524192,1524770,1526168,1526189,1527291,1527295,1527925,1528718,1529559,1529988,1529991,1531505,1532816,1551685,1551714,1552227,1553204,1554276,1554281,1555240,1555555,1556428,1563420,1572092,1572198,1572543,1572611,1572630,1572655,1572663,1572668-1572671,1572896,1572911,1572967,1573224,1573229,1575400,1585090,1586745,1587594,1587639,1588851,1590509,1603156,1604353,1610207,1610311,1610491,1610501,1611165,1611169,1620932,1621453,1643537,1643543,1648840,1649001,1649043,1650310,1650320,1652929,1653997,1657897,1658765,1663647,1664205,1665215,1665218,1665625,1665721,1666363,1674056,1675533,16
76654,1677462,1679182,1679470,1680895,1680900,1680942,1681037,1682923,1682937,1683123,1684513,1685345,1685347,1685349-1685350,1688274,1688536,1688538,1710095,1727544
Modified: httpd/httpd/branches/2.2.x-merge-http-strict/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x-merge-http-strict/CHANGES?rev=1775769&r1=1775768&r2=1775769&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x-merge-http-strict/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x-merge-http-strict/CHANGES [utf-8] Thu Dec 22 22:59:59 2016
@@ -10,6 +10,9 @@ Changes with Apache 2.2.32
*) core: Enforce LimitRequestFieldSize after multiple headers with the same
name have been merged. [Stefan Fritsch]
+ *) core: Avoid a possible truncation of the faulty header included in the
+ HTML response when LimitRequestFieldSize is reached. [Yann Ylavic]
+
Changes with Apache 2.2.31
*) Correct win32 build issues for mod_proxy exports, OpenSSL 1.0.x headers.
Modified: httpd/httpd/branches/2.2.x-merge-http-strict/server/protocol.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x-merge-http-strict/server/protocol.c?rev=1775769&r1=1775768&r2=1775769&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x-merge-http-strict/server/protocol.c (original)
+++ httpd/httpd/branches/2.2.x-merge-http-strict/server/protocol.c Thu Dec 22 22:59:59 2016
@@ -738,7 +738,7 @@ AP_DECLARE(void) ap_get_mime_headers_cor
*/
if (rv == APR_ENOSPC) {
const char *field_escaped;
- if (field) {
+ if (field && len) {
/* ensure ap_escape_html will terminate correctly */
field[len - 1] = '\0';
field_escaped = ap_escape_html(r->pool, field);
@@ -777,18 +777,21 @@ AP_DECLARE(void) ap_get_mime_headers_cor
apr_size_t fold_len = last_len + len + 1; /* trailing null */
if (fold_len >= (apr_size_t)(r->server->limit_req_fieldsize)) {
+ const char *field_escaped;
+
r->status = HTTP_BAD_REQUEST;
/* report what we have accumulated so far before the
* overflow (last_field) as the field with the problem
*/
+ field_escaped = ap_escape_html(r->pool, last_field);
apr_table_setn(r->notes, "error-notes",
apr_psprintf(r->pool,
"Size of a request header field "
"after folding "
"exceeds server limit.<br />\n"
- "<pre>\n%.*s\n</pre>\n",
- field_name_len(last_field),
- ap_escape_html(r->pool, last_field)));
+ "<pre>\n%.*s\n</pre>\n",
+ field_name_len(field_escaped),
+ field_escaped));
ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
"Request header exceeds LimitRequestFieldSize "
"after folding: %.*s",