axis-c-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Murph McCloy (JIRA)" <j...@apache.org>
Subject [jira] Created: (AXIS2C-1387) apache2_stream_read function ignores errors from ap_get_client_block is size_t is unsigned
Date Thu, 13 Aug 2009 17:23:15 GMT
apache2_stream_read function ignores errors from ap_get_client_block is size_t is unsigned
------------------------------------------------------------------------------------------

                 Key: AXIS2C-1387
                 URL: https://issues.apache.org/jira/browse/AXIS2C-1387
             Project: Axis2-C
          Issue Type: Bug
          Components: build system (Unix/Linux)
    Affects Versions: 1.6.0
         Environment: CentOS 5.3
httpd-2.2.3
rampartc-1.3.0
dell precision desktop
            Reporter: Murph McCloy
            Priority: Minor


This problem has only been noticed when attempting to decompress input streams via apache.

The problem occurs when a decompression payload fails to decompress properly.  In my test
case it was because the payload had some flags set in the gzip headers and mod_deflate doesn't
support flags.  mod_deflate then returned an APR_EGENERAL error message.  This message then
bubbled up and was returned as a -1 to apache2_stream_read.

This is a problem because size_t, on my system, is unsigned.  The checks in apache2_stream_read
fail to catch a negative value in this scenario and dont respond appropriately.

while (count - len > 0)
{
    read = ap_get_client_block(stream_impl->request, (char *)buffer + len, count - len);
    if (read > 0)
    {
        len += read;
    }
    else 
    {
        break;
    }
}

The else statement will never get reached while read is unsigned.  Also, the while loop might
have troubles as well.  I would suggest modifying read and len to be ssize_t so they match
the return value of ap_get_client_block.

If I get this modified and working, I will submit a patch.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message