Bug 51590 - The DEFLATE output filter loops infinitely if the first brigade it gets contains only a flush bucket
Summary: The DEFLATE output filter loops infinitely if the first brigade it gets conta...
Status: RESOLVED FIXED
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_deflate (show other bugs)
Version: 2.5-HEAD
Hardware: PC Linux
: P2 normal (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
URL:
Keywords: FixedInTrunk
Depends on:
Blocks:
 
Reported: 2011-07-30 15:22 UTC by Torsten F
Modified: 2012-02-26 17:12 UTC (History)
0 users


Attachments
a fix (620 bytes, patch)
2011-07-30 15:22 UTC, Torsten F 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Torsten F 2011-07-30 15:22:42 UTC 
Created attachment 27332 [details]
a fix

The DEFLATE output filter contains this piece of code (as of server magic number 20110724)

    if (!ctx) {
        char *token;
        const char *encoding;

        /* Delay initialization until we have seen some data */
        e = APR_BRIGADE_FIRST(bb);
        while (1) {
            apr_status_t rc;
            if (e == APR_BRIGADE_SENTINEL(bb))
                return ap_pass_brigade(f->next, bb);
            if (APR_BUCKET_IS_EOS(e)) {
                ap_remove_output_filter(f);
                return ap_pass_brigade(f->next, bb);
            }
            if (APR_BUCKET_IS_METADATA(e))
                continue;

If there is no filter context yet and the passed brigade contains only a metadata bucket (a flush bucket for example) the "continue" statement is hit without changing "e". Hence, it enters an infinite loop.

The last "if" statement should read as follows to fix the problem:

            if (APR_BUCKET_IS_METADATA(e)) {
                e = APR_BUCKET_NEXT(e);
                continue;
            }
Comment 1 Stefan Fritsch 2011-08-01 21:52:42 UTC 
Good catch. Fixed in r1152943. Added a test in r1152942.

How common is the situation that there are (non-EOS) metadata buckets before any data buckets? In your opinion, is this bug a showstopper for the 2.3.14 beta release?
Comment 2 Stefan Fritsch 2012-02-26 17:12:51 UTC 
fixed in 2.4.1