You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Yann Ylavic <yl...@gmail.com> on 2016/08/05 14:59:07 UTC

Re: svn commit: r1755264 - /httpd/httpd/trunk/server/protocol.c

On Fri, Aug 5, 2016 at 11:13 AM,  <wr...@apache.org> wrote:
> Author: wrowe
> Date: Fri Aug  5 09:13:26 2016
> New Revision: 1755264
>
> URL: http://svn.apache.org/viewvc?rev=1755264&view=rev
> Log:
> Stop reflecting irrelevant data to the request error notes, particularly
> for abusive and malformed traffic the non-technical consumer of a user-agent
> has no control over.
>
> Simply take note where the administrator-configured limits have been exceeded,
> that administrator can find details in the error log if desired.
>
>
> Modified:
>     httpd/httpd/trunk/server/protocol.c
>
> Modified: httpd/httpd/trunk/server/protocol.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/protocol.c?rev=1755264&r1=1755263&r2=1755264&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/server/protocol.c (original)
> +++ httpd/httpd/trunk/server/protocol.c Fri Aug  5 09:13:26 2016
> @@ -808,23 +808,9 @@ AP_DECLARE(void) ap_get_mime_headers_cor
>               * exceeds the configured limit for a field size.
>               */
>              if (rv == APR_ENOSPC) {
> -                const char *field_escaped;
> -                if (field && len) {
> -                    /* ensure ap_escape_html will terminate correctly */
> -                    field[len - 1] = '\0';
> -                    field_escaped = ap_escape_html(r->pool, field);
> -                }
> -                else {
> -                    field_escaped = field = "";
> -                }

'field' can still be NULL here when rgetline returns NOSPC, hence
field_name_len(field) below segfaults.

That's I guess what Jim observes in t/apache/limits.t...