You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2014/06/06 11:48:10 UTC
[Bug 56598] New: Content-Length header should be always interpreted
as a decimal
https://issues.apache.org/bugzilla/show_bug.cgi?id=56598
Bug ID: 56598
Summary: Content-Length header should be always interpreted as
a decimal
Product: Apache httpd-2
Version: 2.4.9
Hardware: All
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: libapreq2
Assignee: bugs@httpd.apache.org
Reporter: ctcard@hotmail.com
RFC 2616 defines the Content-Length header as follows:
The Content-Length entity-header field indicates the size of the entity-body,
in decimal number of OCTETs, sent to the recipient or, in the case of the HEAD
method, the size of the entity-body that would have been sent had the request
been a GET.
Content-Length = "Content-Length" ":" 1*DIGIT
This definition allows a Content-Length header like this
Content-Length: 000000000185
which should be interpreted as content having 185 (decimal) octets.
However, Apache 2 is interpreting such a content length value as octal, because
of the leading zeros, and so gives a error message
(20014)Internal error: Invalid Content-Length header (000000000185)
This is due to calls like this (in libapreq2-2.13/module/apache2/filter.c):
apr_uint64_t content_length = apr_strtoi64(cl_header,&dummy,0);
Because the final argument is 0, the number is interpreted as octal, and so in
this example the conversion stops at 0000000001, leaving dummy pointing at
"85", since 8 is not a valid octal digit.
The final argument should be 10 instead of 0, to force the conversion to assume
decimal.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
[Bug 56598] Content-Length header should be always interpreted as a
decimal
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=56598
--- Comment #1 from Christophe JAILLET <ch...@wanadoo.fr> ---
Fixed in Apache in r1626086.
BTW, doc for apr_strtoi64 and apr_strtoff says nothing about this octal
conversion.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org