Posted to apache-bugdb@apache.org by Jesse Pelton <js...@pkc.com> on 1998/07/27 17:50:54 UTC

os-windows/2720: ISAPI: loss of POSTed data

>Number:         2720
>Category:       os-windows
>Synopsis:       ISAPI: loss of POSTed data
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Mon Jul 27 10:10:00 PDT 1998
>Last-Modified:
>Originator:     jsp@pkc.com
>Organization:
apache
>Release:        1.3.1
>Environment:
Windows NT Workstation 4.0 SP3
MSVC++ 5.0
Netscape Navigator 3.0, 4.05
Internet Explorer 4.0 (4.72.3110.8)
>Description:
If the data POSTed by a browser exceeds some size, the call to
ap_get_client_block() in isapi_handler() only retrieves the first part of the
data.  The size is not fixed; I've observed the problem with Navigator with
POSTs in the 13K-18K range (of which about 9K-13K was read), and with IE with
POSTs in the 18K range (of which roughly 16K was read).

The browsers are apparently sending the data in chunks, because a subsequent
call to ap_get_client_block() fetches more bytes.
>How-To-Repeat:
POST a lot of data from a form to an ISAPI DLL.  It doesn't seem to make much
difference whether you use a few large inputs or a lot of small ones.  You can
use any valid ISAPI DLL, since the problem is entirely on the server side.
>Fix:
Replace the following code in isapi_handler():

	/* single call: may return fewer than to_read bytes */
	if ((read = ap_get_client_block(r, ecb->lpbData, to_read)) < 0) {
	    if (isapi_term) (*isapi_term)(HSE_TERM_MUST_UNLOAD);
	    FreeLibrary(isapi_handle);
	    return SERVER_ERROR;
	}

with something like the following:

	read = 0;

	/* keep reading until the whole body (to_read bytes) has arrived;
	 * a return of 0 before that means the body ended early */
	while (to_read - read > 0)
	{
	    long this_read;

	    if ((this_read = ap_get_client_block(r, ecb->lpbData + read, to_read - read)) <= 0) {
		if (isapi_term) (*isapi_term)(HSE_TERM_MUST_UNLOAD);
		FreeLibrary(isapi_handle);
		return SERVER_ERROR;
	    }
	    read += this_read;
	}

This code works, but may not comply with your coding style.
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <ap...@Apache.Org> in the Cc line ]
[and leave the subject line UNCHANGED.  This is not done]
[automatically because of the potential for mail loops. ]
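The short-read behaviour the report describes, as an added example that is not part of the bug report or of Apache's code: get_client_block() is a constructed stand-in for ap_get_client_block() that hands back at most CHUNK bytes per call, read_once() mirrors the original single call, and read_full() mirrors the proposed loop, including its treatment of an early end of body as an error.

```c
#include <stddef.h>
#include <string.h>

/* Constructed stand-in for ap_get_client_block(): hands back the body in
 * pieces no larger than CHUNK, so one call can return fewer bytes than
 * asked for, which is the short read the report describes. */
#define CHUNK 4096

typedef struct {
    const char *body;   /* full request body (constructed sample) */
    size_t len;         /* bytes the client actually sends */
    size_t pos;         /* bytes already handed to the caller */
} client_t;

/* Returns bytes copied, 0 at end of body, -1 on error (never here). */
static long get_client_block(client_t *c, char *buf, size_t want)
{
    size_t left = c->len - c->pos;
    size_t n = want;
    if (n > CHUNK) n = CHUNK;
    if (n > left) n = left;
    if (n == 0) return 0;
    memcpy(buf, c->body + c->pos, n);
    c->pos += n;
    return (long)n;
}

/* The original isapi_handler() behaviour: trust a single call. */
static long read_once(client_t *c, char *buf, size_t to_read)
{
    return get_client_block(c, buf, to_read);
}

/* The proposed fix: loop until to_read bytes have arrived. A 0 return
 * before that means the body ended early (Content-Length overstated the
 * data), which is reported as failure rather than a partial success. */
static long read_full(client_t *c, char *buf, size_t to_read)
{
    size_t read = 0;
    while (to_read - read > 0) {
        long this_read = get_client_block(c, buf + read, to_read - read);
        if (this_read <= 0) return -1;
        read += (size_t)this_read;
    }
    return (long)read;
}
```

With a 16000-byte body, read_once() stops after the first 4096-byte piece while read_full() returns all 16000; a body that is announced as 16000 bytes but ends after 10000 makes read_full() fail instead of silently returning a truncated POST.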