You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by ha...@thebackrow.net on 2001/08/14 21:00:19 UTC
bug #6336, segv in ap_die caused by ap_custom_response
Hey folks,
I'm writing a module for work (Apache 1.3.9 and 1.3.20) that uses an
ap_custom_response() call in the transhandler to set up an internal
redirect on 304 errors, and I've hit the first part of bug 6336:
ap_custom_response sets core_dir_config->response_code_strings to some
memory that's allocated from the request_rec->pool, so the first
request works fine but subsequent ones segfault in ap_die() ... it
looks up response_code_strings, which points to memory that belongs to
the LAST request_rec.
It seems to me that ap_custom_response() is only intended to affect the
current request (r), but ends up affecting all subsequent requests
because it changes the core_dir_config. It seems like the *proper* way
to fix that is to duplicate, response_code_strings in request_rec and
then have the code that looks them up look at the current request
first, and fall through to core_dir_config if nothing is found.
Or to clean out core_dir_config->response_code_strings after every
request, but then we're storing data which is really per-request
someplace else than request-rec, which seems sort of pointless.
Any suggestions? Am I missing something obvious?
--
thanks,
Will