at httpd/server/protocol.c around line static int read_request_line(request_rec *r, apr_bucket_brigade *bb) { ... rv = ap_rgetline(&(r->the_request), (apr_size_t)(r->server->limit_req_line + 2), &len, r, strict ? AP_GETLINE_CRLF : 0, bb); if (rv != APR_SUCCESS) { r->request_time = apr_time_now(); /* ap_rgetline returns APR_ENOSPC if it fills up the * buffer before finding the end-of-line. This is only going to * happen if it exceeds the configured limit for a request-line. */ if (APR_STATUS_IS_ENOSPC(rv)) { r->status = HTTP_REQUEST_URI_TOO_LARGE; } else if (APR_STATUS_IS_TIMEUP(rv)) { r->status = HTTP_REQUEST_TIME_OUT; } else if (APR_STATUS_IS_EINVAL(rv)) { r->status = HTTP_BAD_REQUEST; } r->proto_num = HTTP_VERSION(1,0); r->protocol = "HTTP/1.0"; return 0; } ... However, the function ap_rgetline() can actually return error codes other than APR_ENOSPC, APR_TIMEUP, APR_EINVAL. If the input bb is NULL, it can even return APR_BADARG, and in some cases it returns APR_EGENERAL. These errors are ignored and HTTP status is not correctly set.
Created attachment 36937 [details] APR_BADARG error handling APR_BADARG error handling, APR_EGENERAL case could not be easily handled because it is also triggered at the end of each keepalive connection and it happens when non-blocking is asked too. (server/protocol.c, line 252)