httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 41143] - Incorrect ap_getline assumption in mod_proxy_http
Date Thu, 28 Jun 2007 22:06:27 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41143>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41143





------- Additional Comments From rpluem@apache.org  2007-06-28 15:06 -------
(In reply to comment #5)

> Bear with me:
> 
> ap_proxy_read_headers() calls ap_getline() with a buffer of 8192 bytes.
ap_getline()
> creates a brigade and calls ap_rgetline() to get a line of protocol input (and
to copy
> the line to the buffer). ap_rgetline_core() calls ap_get_brigade(AP_MODE_GETLINE)
> which returns a line (brigade) of 8200 bytes (for the sake of example). If all
data

But ap_get_brigade(AP_MODE_GETLINE) returns 8192 bytes at max and it is not
guaranteed that this data contains a LF. It is only guaranteed that
ap_get_brigade(AP_MODE_GETLINE) does not read *past* a LF. See
ap_core_input_filter and apr_brigade_split_line for why.


> 
> Makes sense now?

I agree that current code does it wrong, but I fear that there are other cases
where your patch will do it wrong.


-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message