Posted to cvs@httpd.apache.org by yl...@apache.org on 2020/07/23 14:09:50 UTC

svn commit: r1880205 - in /httpd/httpd/trunk: CHANGES modules/proxy/mod_proxy_uwsgi.c

Author: ylavic
Date: Thu Jul 23 14:09:50 2020
New Revision: 1880205

URL: http://svn.apache.org/viewvc?rev=1880205&view=rev
Log:
mod_proxy_uwsgi: Error out on HTTP header larger than 16K

The uwsgi protocol does not let us serialize more than 16K of HTTP header,
so fail early with 500 if it happens.


Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/modules/proxy/mod_proxy_uwsgi.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1880205&r1=1880204&r2=1880205&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Thu Jul 23 14:09:50 2020
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.1
 
+  *) mod_proxy_uwsgi: Error out on HTTP header larger than 16K (hard
+     protocol limit).  [Yann Ylavic]
+
   *) mod_dav: Some DAV extensions, like CalDAV, specify both document
      elements and property elements that need to be taken into account
      when generating a property. The document element and property element

Modified: httpd/httpd/trunk/modules/proxy/mod_proxy_uwsgi.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/proxy/mod_proxy_uwsgi.c?rev=1880205&r1=1880204&r2=1880205&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/proxy/mod_proxy_uwsgi.c (original)
+++ httpd/httpd/trunk/modules/proxy/mod_proxy_uwsgi.c Thu Jul 23 14:09:50 2020
@@ -136,7 +136,7 @@ static int uwsgi_send_headers(request_re
     int j;
 
     apr_size_t headerlen = 4;
-    apr_uint16_t pktsize, keylen, vallen;
+    apr_size_t pktsize, keylen, vallen;
     const char *script_name;
     const char *path_info;
     const char *auth;
@@ -178,6 +178,15 @@ static int uwsgi_send_headers(request_re
         headerlen += 2 + strlen(env[j].key) + 2 + (env[j].val ? strlen(env[j].val) : 0);
     }
 
+    pktsize = headerlen - 4;
+    if (pktsize > APR_UINT16_MAX) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO()
+                      "can't send headers to %s:%u: packet size too "
+                      "large (%" APR_SIZE_T_FMT ")",
+                      conn->hostname, conn->port, pktsize);
+        return HTTP_INTERNAL_SERVER_ERROR;
+    }
+
     ptr = buf = apr_palloc(r->pool, headerlen);
 
     ptr += 4;
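Review bot: The guard `if (pktsize > APR_UINT16_MAX)` rejects packets above 65535 bytes, whereas the commit log and the CHANGES entry describe the limit as 16K, so the real bound is not obvious to a reader. A comment above the check would make it explicit, for example `/* uwsgi encodes the packet size in 16 bits on the wire; reject anything that would be truncated */`. The first hunk also widens `keylen` and `vallen` to `apr_size_t`; their serialization is outside the visible hunks, but if they are also written as two bytes, this total-size check is the only thing keeping them in range, which the same comment should state. uwsgi_send_headers starts and ends outside this hunk.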
@@ -198,8 +207,6 @@ static int uwsgi_send_headers(request_re
         ptr += vallen;
     }
 
-    pktsize = headerlen - 4;
-
     buf[0] = 0;
     buf[1] = (apr_byte_t) (pktsize & 0xff);
     buf[2] = (apr_byte_t) ((pktsize >> 8) & 0xff);