Attachment 35864 Details for Bug 62196 – Use AP_GETLINE_NOSPC_EOL flag for ap_proxy_read_headers()

[patch] Use AP_GETLINE_NOSPC_EOL flag for ap_proxy_read_headers()

ap_proxygetline-AP_GETLINE_NOSPC_EOL.patch (text/plain), 4.00 KB, created by Yann Ylavic on 2018-04-12 17:47:19 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Yann Ylavic

Created: 2018-04-12 17:47:19 UTC

Size: 4.00 KB

patch

obsolete

>Index: modules/proxy/mod_proxy_http.c
>===================================================================
>--- modules/proxy/mod_proxy_http.c	(revision 1828935)
>+++ modules/proxy/mod_proxy_http.c	(working copy)
>@@ -32,8 +32,8 @@ static apr_status_t ap_proxygetline(apr_bucket_bri
>                                     char *s,
>                                     int n,
>                                     request_rec *r,
>-                                    int fold,
>-                                    int *writen);
>+                                    int flags,
>+                                    int *read);
> 
> /*
>  * Canonicalise http-like URLs.
>@@ -1098,7 +1098,6 @@ static void ap_proxy_read_headers(request_rec *r,
> {
>     int len;
>     char *value, *end;
>-    char field[MAX_STRING_LEN];
>     int saw_headers = 0;
>     void *sconf = r->server->module_config;
>     proxy_server_conf *psc;
>@@ -1122,12 +1121,24 @@ static void ap_proxy_read_headers(request_rec *r,
> 
>     tmp_bb = apr_brigade_create(r->pool, c->bucket_alloc);
>     while (1) {
>-        rc = ap_proxygetline(tmp_bb, buffer, size, rr, 1, &len);
>+        rc = ap_proxygetline(tmp_bb, buffer, size, rr,
>+                             AP_GETLINE_FOLD | AP_GETLINE_NOSPC_EOL, &len);
> 
>         if (len <= 0)
>             break;
> 
>-        ap_log_rerror(APLOG_MARK, APLOG_TRACE4, 0, r, "%s", buffer);
>+        if (APR_STATUS_IS_ENOSPC(rc)) {
>+            /* The header could not fit in the provided buffer, warn.
>+             * XXX: falls through with the truncated header too.
>+             */
>+            ap_log_rerror(APLOG_MARK, APLOG_WARNING, rc, r, APLOGNO(10124)
>+                    "header size is over the limit allowed by ResponseFieldSize (%d bytes). "
>+                    "Bad response header '%s': '%.*s'...",
>+                    size, buffer, 80, value);
>+        }
>+        else {
>+            ap_log_rerror(APLOG_MARK, APLOG_TRACE4, 0, r, "%s", buffer);
>+        }
> 
>         if (!(value = strchr(buffer, ':'))) {     /* Find the colon separator */
> 
>@@ -1195,28 +1206,6 @@ static void ap_proxy_read_headers(request_rec *r,
>          */
>         process_proxy_header(r, dconf, buffer, value);
>         saw_headers = 1;
>-
>-        /* The header could not fit in the provided buffer. */
>-        if (rc == APR_ENOSPC) {
>-            ap_log_rerror(APLOG_MARK, APLOG_WARNING, rc, r, APLOGNO(10124)
>-                    "header size is over the limit allowed by ResponseFieldSize (%d bytes). "
>-                    "Bad response header '%s': '%.*s'...",
>-                    size, buffer, 80, value);
>-
>-            /* XXX: We overran the limit we passed to ap_rgetline_core, but if the length
>-             * exceeded the limit by a small amount, it may have already been consumed
>-             * by apr_brigade_split_line called from the core input filter. If that 
>-             * happens, this loop will throw away the next full line (header) instead of
>-             * the remainder of the current long header.
>-             */
>-            while ((len = ap_getline(field, MAX_STRING_LEN, rr, 1))
>-                    >= MAX_STRING_LEN - 1) {
>-                /* soak up the extra data */
>-            }
>-
>-            if (len == 0) /* time to exit the larger loop as well */
>-                break;
>-        }
>     }
> }
> 
>@@ -1230,21 +1219,19 @@ static int addit_dammit(void *v, const char *key,
> 
> static
> apr_status_t ap_proxygetline(apr_bucket_brigade *bb, char *s, int n, request_rec *r,
>-                             int fold, int *writen)
>+                             int flags, int *read)
> {
>     char *tmp_s = s;
>     apr_status_t rv;
>     apr_size_t len;
> 
>-    rv = ap_rgetline(&tmp_s, n, &len, r, fold, bb);
>+    rv = ap_rgetline_core(&tmp_s, n, &len, r, flags, bb);
>     apr_brigade_cleanup(bb);
> 
>-    if (rv == APR_SUCCESS) {
>-        *writen = (int) len;
>-    } else if (APR_STATUS_IS_ENOSPC(rv)) {
>-        *writen = n;
>+    if (rv == APR_SUCCESS || APR_STATUS_IS_ENOSPC(rv)) {
>+        *read = (int)len;
>     } else {
>-        *writen = -1;
>+        *read = -1;
>     }
> 
>     return rv;

Actions: View | Diff

Attachments on bug 62196: 35864