ASF Bugzilla – Attachment 35864 Details for
Bug 62196
Proxy response headers can be thrown away after processing a large header
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Use AP_GETLINE_NOSPC_EOL flag for ap_proxy_read_headers()
ap_proxygetline-AP_GETLINE_NOSPC_EOL.patch (text/plain), 4.00 KB, created by
Yann Ylavic
on 2018-04-12 17:47:19 UTC
(
hide
)
Description:
Use AP_GETLINE_NOSPC_EOL flag for ap_proxy_read_headers()
Filename:
MIME Type:
Creator:
Yann Ylavic
Created:
2018-04-12 17:47:19 UTC
Size:
4.00 KB
patch
obsolete
>Index: modules/proxy/mod_proxy_http.c >=================================================================== >--- modules/proxy/mod_proxy_http.c (revision 1828935) >+++ modules/proxy/mod_proxy_http.c (working copy) >@@ -32,8 +32,8 @@ static apr_status_t ap_proxygetline(apr_bucket_bri > char *s, > int n, > request_rec *r, >- int fold, >- int *writen); >+ int flags, >+ int *read); > > /* > * Canonicalise http-like URLs. >@@ -1098,7 +1098,6 @@ static void ap_proxy_read_headers(request_rec *r, > { > int len; > char *value, *end; >- char field[MAX_STRING_LEN]; > int saw_headers = 0; > void *sconf = r->server->module_config; > proxy_server_conf *psc; >@@ -1122,12 +1121,24 @@ static void ap_proxy_read_headers(request_rec *r, > > tmp_bb = apr_brigade_create(r->pool, c->bucket_alloc); > while (1) { >- rc = ap_proxygetline(tmp_bb, buffer, size, rr, 1, &len); >+ rc = ap_proxygetline(tmp_bb, buffer, size, rr, >+ AP_GETLINE_FOLD | AP_GETLINE_NOSPC_EOL, &len); > > if (len <= 0) > break; > >- ap_log_rerror(APLOG_MARK, APLOG_TRACE4, 0, r, "%s", buffer); >+ if (APR_STATUS_IS_ENOSPC(rc)) { >+ /* The header could not fit in the provided buffer, warn. >+ * XXX: falls through with the truncated header too. >+ */ >+ ap_log_rerror(APLOG_MARK, APLOG_WARNING, rc, r, APLOGNO(10124) >+ "header size is over the limit allowed by ResponseFieldSize (%d bytes). " >+ "Bad response header '%s': '%.*s'...", >+ size, buffer, 80, value); >+ } >+ else { >+ ap_log_rerror(APLOG_MARK, APLOG_TRACE4, 0, r, "%s", buffer); >+ } > > if (!(value = strchr(buffer, ':'))) { /* Find the colon separator */ > >@@ -1195,28 +1206,6 @@ static void ap_proxy_read_headers(request_rec *r, > */ > process_proxy_header(r, dconf, buffer, value); > saw_headers = 1; >- >- /* The header could not fit in the provided buffer. */ >- if (rc == APR_ENOSPC) { >- ap_log_rerror(APLOG_MARK, APLOG_WARNING, rc, r, APLOGNO(10124) >- "header size is over the limit allowed by ResponseFieldSize (%d bytes). " >- "Bad response header '%s': '%.*s'...", >- size, buffer, 80, value); >- >- /* XXX: We overran the limit we passed to ap_rgetline_core, but if the length >- * exceeded the limit by a small amount, it may have already been consumed >- * by apr_brigade_split_line called from the core input filter. If that >- * happens, this loop will throw away the next full line (header) instead of >- * the remainder of the current long header. >- */ >- while ((len = ap_getline(field, MAX_STRING_LEN, rr, 1)) >- >= MAX_STRING_LEN - 1) { >- /* soak up the extra data */ >- } >- >- if (len == 0) /* time to exit the larger loop as well */ >- break; >- } > } > } > >@@ -1230,21 +1219,19 @@ static int addit_dammit(void *v, const char *key, > > static > apr_status_t ap_proxygetline(apr_bucket_brigade *bb, char *s, int n, request_rec *r, >- int fold, int *writen) >+ int flags, int *read) > { > char *tmp_s = s; > apr_status_t rv; > apr_size_t len; > >- rv = ap_rgetline(&tmp_s, n, &len, r, fold, bb); >+ rv = ap_rgetline_core(&tmp_s, n, &len, r, flags, bb); > apr_brigade_cleanup(bb); > >- if (rv == APR_SUCCESS) { >- *writen = (int) len; >- } else if (APR_STATUS_IS_ENOSPC(rv)) { >- *writen = n; >+ if (rv == APR_SUCCESS || APR_STATUS_IS_ENOSPC(rv)) { >+ *read = (int)len; > } else { >- *writen = -1; >+ *read = -1; > } > > return rv;
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 62196
: 35864