Return-Path: Delivered-To: apmail-httpd-apreq-dev-archive@www.apache.org Received: (qmail 34904 invoked from network); 30 May 2006 22:10:30 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 30 May 2006 22:10:30 -0000 Received: (qmail 99610 invoked by uid 500); 30 May 2006 22:10:29 -0000 Delivered-To: apmail-httpd-apreq-dev-archive@httpd.apache.org Received: (qmail 99589 invoked by uid 500); 30 May 2006 22:10:28 -0000 Mailing-List: contact apreq-dev-help@httpd.apache.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Id: Delivered-To: mailing list apreq-dev@httpd.apache.org Received: (qmail 99578 invoked by uid 99); 30 May 2006 22:10:28 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 30 May 2006 15:10:28 -0700 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_HELO_PASS,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: domain of bojan@rexursive.com designates 203.171.74.242 as permitted sender) Received: from [203.171.74.242] (HELO beauty.rexursive.com) (203.171.74.242) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 30 May 2006 15:10:27 -0700 Received: by beauty.rexursive.com (Postfix, from userid 48) id A97381AF281; Wed, 31 May 2006 08:10:04 +1000 (EST) Received: from cache1.syd.ops.aspac.uu.net (cache1.syd.ops.aspac.uu.net [203.166.96.235]) by www.rexursive.com (Horde MIME library) with HTTP; Wed, 31 May 2006 08:10:04 +1000 Message-ID: <20060531081004.hcyfxx1bcocg4sg4@www.rexursive.com> Date: Wed, 31 May 2006 08:10:04 +1000 From: Bojan Smojver To: apreq-dev@httpd.apache.org Subject: Re: Endless loop in split_on_bdry() of library/parser_multipart.c? References: <1148955189.2956.132.camel@coyote.rexursive.com> <447CA52A.6090501@p6m7g8.com> In-Reply-To: <447CA52A.6090501@p6m7g8.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; DelSp="Yes"; format="flowed" Content-Disposition: inline Content-Transfer-Encoding: quoted-printable User-Agent: Internet Messaging Program (IMP) H3 (4.1.1) X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Quoting "Philip M. Gollucci" : > You might try using Apache2::DebugFilter to see what buckets are > getting passed, but I think > the apreq filter is hooked before that. I'm guessing this is a Perl thing. I'm in C, so this probably isn't =20 going to be very useful. I'm watching the whole thing in gdb anyway. > Being that bucket brigades are doubly linked circular lists, and the > code is checking it hasn't looped on the list (aka ring) yet, it must > be missing it. Probably because it got removed from it (in). Maybe we > need to save the first bucket of the list somewhere. and change the > comparison. This code is hit when there is a partial match. In this particular =20 case, the boundary is set to "\r\n--LYNX". The partial match is "\r" =20 and off is set to 1. However, the ending condition seems to be never =20 met in that while loop. To make matters worse, it's not as straightforward as one would think. =20 The whole thing seems to depend on how the buckets are lined up inside =20 the brigade. And, compiler options appear to affect the whole thing as =20 well. With -O2, I can see the problem. With -O0, I can't. I'll keep looking... --=20 Bojan