Posted to cvs@httpd.apache.org by yl...@apache.org on 2020/07/24 09:35:25 UTC

svn commit: r1880251 - in /httpd/httpd/branches/2.4.x: ./ CHANGES modules/proxy/mod_proxy_uwsgi.c

Author: ylavic
Date: Fri Jul 24 09:35:25 2020
New Revision: 1880251

URL: http://svn.apache.org/viewvc?rev=1880251&view=rev
Log:
Merge r1880205, r1880214 from trunk:

mod_proxy_uwsgi: Error out on HTTP header larger than 16K

The uwsgi protocol does not let us serialize more than 16K of HTTP header,
so fail early with 500 if it happens.


Follow up to r1880205, APLOGNO().


Submitted by: ylavic
Reviewed by: ylavic, covener, icing

Modified:
    httpd/httpd/branches/2.4.x/   (props changed)
    httpd/httpd/branches/2.4.x/CHANGES
    httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_uwsgi.c

Propchange: httpd/httpd/branches/2.4.x/
------------------------------------------------------------------------------
  Merged /httpd/httpd/trunk:r1880205,1880214

Modified: httpd/httpd/branches/2.4.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1880251&r1=1880250&r2=1880251&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Fri Jul 24 09:35:25 2020
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.4.44
 
+  *) mod_proxy_uwsgi: Error out on HTTP header larger than 16K (hard
+     protocol limit).  [Yann Ylavic]
+
   *) mod_http2: 
      Fixes <https://github.com/icing/mod_h2/issues/200>: 
      "LimitRequestFields 0" now disables the limit, as documented.
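
Review bot: The "16K" in the new CHANGES entry does not match the limit the code in this commit enforces. The guard added to mod_proxy_uwsgi.c is `if (pktsize > APR_UINT16_MAX)`, and APR_UINT16_MAX is 65535, so the request is rejected only when the serialized header block exceeds a 16-bit size field, just under 64K. Suggest rewording the entry (for example "larger than 64K (16-bit uwsgi packet size)") so that an operator who sees AH10259 in the error log knows the actual threshold.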

Modified: httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_uwsgi.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_uwsgi.c?rev=1880251&r1=1880250&r2=1880251&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_uwsgi.c (original)
+++ httpd/httpd/branches/2.4.x/modules/proxy/mod_proxy_uwsgi.c Fri Jul 24 09:35:25 2020
@@ -136,7 +136,7 @@ static int uwsgi_send_headers(request_re
     int j;
 
     apr_size_t headerlen = 4;
-    apr_uint16_t pktsize, keylen, vallen;
+    apr_size_t pktsize, keylen, vallen;
     const char *script_name;
     const char *path_info;
     const char *auth;
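
Review bot: Widening `keylen` and `vallen` to apr_size_t along with `pktsize` leaves nothing at the declaration saying these values must still fit in 16 bits. The `2 + strlen(...)` terms in the headerlen sum suggest each key and value carries a two-byte length prefix, so their safety now depends entirely on the total-size check added further down. A one-line comment here, such as "bounded by the pktsize <= APR_UINT16_MAX check below", would keep a later refactor from moving or dropping that check without noticing the dependency.
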
@@ -178,6 +178,15 @@ static int uwsgi_send_headers(request_re
         headerlen += 2 + strlen(env[j].key) + 2 + strlen(env[j].val);
     }
 
+    pktsize = headerlen - 4;
+    if (pktsize > APR_UINT16_MAX) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10259)
+                      "can't send headers to %s:%u: packet size too "
+                      "large (%" APR_SIZE_T_FMT ")",
+                      conn->hostname, conn->port, pktsize);
+        return HTTP_INTERNAL_SERVER_ERROR;
+    }
+
     ptr = buf = apr_palloc(r->pool, headerlen);
 
     ptr += 4;
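
Review bot: `return HTTP_INTERNAL_SERVER_ERROR` reports a server fault for a condition that the size of the request's own headers can trigger, since `headerlen` is summed from the env key and value strings built for this request. Consider whether a client-error status such as HTTP_BAD_REQUEST fits better, or add a comment stating why 500 is intended. Related: the `ap_log_rerror(APLOG_MARK, APLOG_ERR, ...)` call emits one error-level line per oversized request, so it is worth confirming that this level is wanted for something a remote client may be able to repeat at will.
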
@@ -196,8 +205,6 @@ static int uwsgi_send_headers(request_re
         ptr += vallen;
     }
 
-    pktsize = headerlen - 4;
-
     buf[0] = 0;
     buf[1] = (apr_byte_t) (pktsize & 0xff);
     buf[2] = (apr_byte_t) ((pktsize >> 8) & 0xff);
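
Review bot: With `pktsize = headerlen - 4;` removed from this spot, the `buf[1]` and `buf[2]` writes are correct only because of the range check placed before the apr_palloc() call in the previous hunk. `pktsize` is now apr_size_t, so `& 0xff` and `(pktsize >> 8) & 0xff` would silently drop any higher bits if that check were ever relaxed or relocated. Suggest a short comment above `buf[0] = 0;` noting that pktsize was verified to be <= APR_UINT16_MAX earlier in the function.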