Bug 49825 - mod_dav PUT treats malformed Content-Range as if it were absent
Summary: mod_dav PUT treats malformed Content-Range as if it were absent
Status: RESOLVED FIXED
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_dav (show other bugs)
Version: 2.5-HEAD
Hardware: All All
: P2 normal (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
URL:
Keywords: FixedInTrunk, RFC
Depends on:
Blocks:
 
Reported: 2010-08-25 21:10 UTC by Wim Lewis
Modified: 2011-02-08 06:44 UTC (History)
0 users



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Wim Lewis 2010-08-25 21:10:59 UTC
reference: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?revision= 982016&view=markup

In dav_parse_range(), called by dav_method_put(), a failure to parse the Content-Range request-header is treated the same as if the header were absent. I think this is wrong for several reasons:

1, Apache's current behavior is pretty much guaranteed to not be the behavior the client needs or expects; if I'm attempting to patch the middle of a file, I don't want the server to replace the entire file with the patch and then report success.

2, although comments in mod_dav.c indicate that the behavior is motivated by RFC2616 [14.16], the relevant paragraph says: "The recipient of an invalid byte-content-range-spec MUST ignore it and any content transferred along with it." In other words, the server is required *not to use* the request entity-body if it is accompanied by an unparsable Content-Range header.

I think that both RFC2616 and common sense indicate that if dav_parse_range() cannot parse a Content-Range header, Apache should reject the entire request (presumably with an HTTP 400 error code).
Comment 1 Wim Lewis 2010-08-25 21:16:26 UTC
(Possibly related: bug 42978)
Comment 2 Stefan Fritsch 2010-10-24 05:05:35 UTC
Fixed in trunk in r1026743
Comment 3 Ruediger Pluem 2011-02-08 06:44:32 UTC
Backported to 2.2.x as r1068309.