You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Bill Stoddard <st...@raleigh.ibm.com> on 2001/02/13 21:07:54 UTC

Re: cvs commit: apache-1.3/src/main http_request.c

Should this be APLOG_CRIT? Why not WARN or NOTICE?

Bill

> martin      01/02/13 06:02:29
>
>   Modified:    src/main http_request.c
>   Log:
>   Write log entry for ENAMETOOLONG - it may have been a DoS attack attempt
>
>   Revision  Changes    Path
>   1.161     +2 -0      apache-1.3/src/main/http_request.c
>
>   Index: http_request.c
>   ===================================================================
>   RCS file: /home/cvs/apache-1.3/src/main/http_request.c,v
>   retrieving revision 1.160
>   retrieving revision 1.161
>   diff -u -u -r1.160 -r1.161
>   --- http_request.c 2001/02/12 10:18:04 1.160
>   +++ http_request.c 2001/02/13 14:02:26 1.161
>   @@ -918,6 +918,8 @@
>         * runs of //////'s in a graceful and secure manner.
>         */
>                if (errno == ENAMETOOLONG) {
>   +                ap_log_rerror(APLOG_MARK, APLOG_CRIT, r,
>   +                              "Possible DoS attempt? URL=%s",
r->filename);
>                    rnew->status = HTTP_FORBIDDEN;
>                    return rnew;
>                }