Posted to cvs@httpd.apache.org by wr...@apache.org on 2012/08/21 19:42:49 UTC
svn commit: r1375683 - in /httpd/httpd/branches/2.2.x: CHANGES STATUS
server/util_script.c
Author: wrowe
Date: Tue Aug 21 17:42:49 2012
New Revision: 1375683
URL: http://svn.apache.org/viewvc?rev=1375683&view=rev
Log:
* core: Fix error handling in ap_scan_script_header_err_brigade() if there
is no EOS bucket in the brigade:
Also don't loop if there is a timeout when discarding the script output.
Thanks to Edgar Frank for the analysis.
Note CHANGES entry omits mention of non-2.2 mod_proxy_fcgi
Backports: r1311174
Submitted by: sf
Reviewed by: rjung, trawick, wrowe
Modified:
httpd/httpd/branches/2.2.x/CHANGES
httpd/httpd/branches/2.2.x/STATUS
httpd/httpd/branches/2.2.x/server/util_script.c
Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=1375683&r1=1375682&r2=1375683&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Tue Aug 21 17:42:49 2012
@@ -10,6 +10,9 @@ Changes with Apache 2.2.23
possible XSS for a site where untrusted users can upload files to
a location with MultiViews enabled. [Niels Heinen <heinenn google.com>]
+ *) core: Fix error handling in ap_scan_script_header_err_brigade() if there
+ is no EOS bucket in the brigade. PR 48272. [Stefan Fritsch]
+
*) core: Prevent "httpd -k restart" from killing server in presence of
config error. [Joe Orton]
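Review bot: The added CHANGES entry describes only the missing-EOS case and leaves out the second fix named in the commit log, "don't loop if there is a timeout when discarding the script output". An administrator investigating a process that spins after a script timeout would search CHANGES for that symptom, so consider appending a sentence about the timeout loop to this entry.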
Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=1375683&r1=1375682&r2=1375683&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Tue Aug 21 17:42:49 2012
@@ -113,15 +113,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
2.2.x patch: http://people.apache.org/~rjung/patches/improve-forbidden-error-message-2_2.patch
+1: rjung, trawick, wrowe
- * core: Fix error handling in ap_scan_script_header_err_brigade() if there
- is no EOS bucket in the brigade:
- Also don't loop if there is a timeout when discarding the script output.
- Thanks to Edgar Frank for the analysis.
- trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1311174
- 2.4.x patch: http://svn.apache.org/viewvc?view=revision&revision=1331414
- 2.2.x patch: trunk patch applies
- +1: rjung, trawick, wrowe
-
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ New proposals should be added at the end of the list ]
Modified: httpd/httpd/branches/2.2.x/server/util_script.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/server/util_script.c?rev=1375683&r1=1375682&r2=1375683&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/server/util_script.c (original)
+++ httpd/httpd/branches/2.2.x/server/util_script.c Tue Aug 21 17:42:49 2012
@@ -537,7 +537,7 @@ AP_DECLARE(int) ap_scan_script_header_er
if (!buffer) {
/* Soak up all the script output - may save an outright kill */
- while ((*getsfunc) (w, MAX_STRING_LEN - 1, getsfunc_data)) {
+ while ((*getsfunc)(w, MAX_STRING_LEN - 1, getsfunc_data) > 0) {
continue;
}
}
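Review bot: The `> 0` test in the soak-up loop relies on every getsfunc callback returning a non-positive value on timeout or error, and nothing at this call site states that contract. Any callback that still reports failure with a positive or otherwise non-zero "true" value would keep the loop running. Suggest a short comment above the `while` spelling out the expected return values (positive for a line read, zero for end of input, negative for timeout or error), and a check that every callback passed in as getsfunc follows it.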
@@ -626,7 +626,8 @@ static int getsfunc_BRIGADE(char *buf, i
apr_status_t rv;
int done = 0;
- while ((dst < dst_end) && !done && !APR_BUCKET_IS_EOS(e)) {
+ while ((dst < dst_end) && !done && e != APR_BRIGADE_SENTINEL(bb)
+ && !APR_BUCKET_IS_EOS(e)) {
const char *bucket_data;
apr_size_t bucket_data_len;
const char *src;
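Review bot: The new `e != APR_BRIGADE_SENTINEL(bb)` test is only safe because it is evaluated before `APR_BUCKET_IS_EOS(e)`; the sentinel is not a real bucket, so the EOS macro must never be applied to it. Nothing in the condition records that the order matters, so a later cleanup could swap the two operands and bring back the invalid read. Suggest a one-line comment above the `while` noting that a brigade may arrive without an EOS bucket and that the sentinel check has to come first.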
@@ -660,7 +661,7 @@ static int getsfunc_BRIGADE(char *buf, i
e = next;
}
*dst = 0;
- return 1;
+ return done;
}
AP_DECLARE(int) ap_scan_script_header_err_brigade(request_rec *r,
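Review bot: With `return done;` the function now returns 0 on every exit where `done` was never set, and the loop condition `(dst < dst_end) && !done` shows that this includes the buffer filling up, not only reaching the sentinel or EOS. A line longer than the caller's buffer would then be reported the same way as end of input, with partial data left in `buf`. Please confirm that this is the intended handling of overlong lines, and document the return values in a comment at the top of getsfunc_BRIGADE so callers know that 0 can also mean a truncated line.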