You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by je...@apache.org on 2005/12/07 01:21:41 UTC
svn commit: r354630 - in /httpd/httpd/trunk: CHANGES
modules/http/http_filters.c
Author: jerenkrantz
Date: Tue Dec 6 16:21:38 2005
New Revision: 354630
URL: http://svn.apache.org/viewcvs?rev=354630&view=rev
Log:
If a connection aborts while waiting for a chunked line, flag the connection as
errored out and send errors upwards.
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/modules/http/http_filters.c
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewcvs/httpd/httpd/trunk/CHANGES?rev=354630&r1=354629&r2=354630&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Tue Dec 6 16:21:38 2005
@@ -2,6 +2,9 @@
Changes with Apache 2.3.0
[Remove entries to the current 2.0 and 2.2 section below, when backported]
+ *) If a connection is aborted while waiting for a chunked line, flag the
+ connection as errored out. [Justin Erenkrantz]
+
*) mod_proxy: If we get an error reading the upstream response,
close the connection. [Brian Akins, Justin Erenkrantz]
Modified: httpd/httpd/trunk/modules/http/http_filters.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/trunk/modules/http/http_filters.c?rev=354630&r1=354629&r2=354630&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/http/http_filters.c (original)
+++ httpd/httpd/trunk/modules/http/http_filters.c Tue Dec 6 16:21:38 2005
@@ -215,11 +215,12 @@
if (rv == APR_SUCCESS) {
/* We have to check the length of the brigade we got back.
- * We will not accept partial lines.
+ * We will not accept partial or blank lines.
*/
rv = apr_brigade_length(bb, 1, &brigade_length);
if (rv == APR_SUCCESS
- && brigade_length > f->r->server->limit_req_line) {
+ && (!brigade_length ||
+ brigade_length > f->r->server->limit_req_line)) {
rv = APR_ENOSPC;
}
if (rv == APR_SUCCESS) {
@@ -277,6 +278,7 @@
char line[30];
apr_bucket_brigade *bb;
apr_size_t len = 30;
+ apr_status_t http_error = HTTP_REQUEST_ENTITY_TOO_LARGE;
bb = apr_brigade_create(f->r->pool, f->c->bucket_alloc);
@@ -292,7 +294,14 @@
if (rv == APR_SUCCESS) {
rv = apr_brigade_flatten(bb, line, &len);
if (rv == APR_SUCCESS) {
- ctx->remaining = get_chunk_size(line);
+ /* Wait a sec, that's a blank line! Oh no. */
+ if (!len) {
+ rv = APR_EGENERAL;
+ http_error = HTTP_SERVICE_UNAVAILABLE;
+ }
+ else {
+ ctx->remaining = get_chunk_size(line);
+ }
}
}
apr_brigade_cleanup(bb);
@@ -300,16 +309,19 @@
/* Detect chunksize error (such as overflow) */
if (rv != APR_SUCCESS || ctx->remaining < 0) {
+ apr_status_t out_error;
+
ctx->remaining = 0; /* Reset it in case we have to
* come back here later */
- e = ap_bucket_error_create(HTTP_REQUEST_ENTITY_TOO_LARGE,
+ e = ap_bucket_error_create(http_error,
NULL, f->r->pool,
f->c->bucket_alloc);
APR_BRIGADE_INSERT_TAIL(bb, e);
e = apr_bucket_eos_create(f->c->bucket_alloc);
APR_BRIGADE_INSERT_TAIL(bb, e);
ctx->eos_sent = 1;
- return ap_pass_brigade(f->r->output_filters, bb);
+ out_error = ap_pass_brigade(f->r->output_filters, bb);
+ return rv;
}
if (!ctx->remaining) {