httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From grega...@apache.org
Subject cvs commit: httpd-2.0/server protocol.c
Date Wed, 11 Dec 2002 21:03:58 GMT
gregames    2002/12/11 13:03:58

  Modified:    server   protocol.c
  Log:
  ap_get_mime_headers: tighten up the null termination of header line which is
  too long.  getline can return a smaller length that what it actually read in
  that case.
  
  The check for len > limit_fieldsize isn't needed, but we do need to insure
  that getline actually allocated a buffer (and set len) in the case where
  the first socket input buffer is already bigger than the limit.
  
  Revision  Changes    Path
  1.124     +2 -5      httpd-2.0/server/protocol.c
  
  Index: protocol.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/protocol.c,v
  retrieving revision 1.123
  retrieving revision 1.124
  diff -u -r1.123 -r1.124
  --- protocol.c	10 Dec 2002 02:56:26 -0000	1.123
  +++ protocol.c	11 Dec 2002 21:03:58 -0000	1.124
  @@ -772,14 +772,11 @@
           /* ap_rgetline returns APR_ENOSPC if it fills up the buffer before
            * finding the end-of-line.  This is only going to happen if it
            * exceeds the configured limit for a field size.
  -         * The cast is safe, limit_req_fieldsize cannot be negative
            */
  -        if (rv == APR_ENOSPC
  -            || (rv == APR_SUCCESS 
  -                && len > (apr_size_t)r->server->limit_req_fieldsize))
{
  +        if (rv == APR_ENOSPC && field) {
               r->status = HTTP_BAD_REQUEST;
               /* insure ap_escape_html will terminate correctly */
  -            field[r->server->limit_req_fieldsize] = '\0';
  +            field[len - 1] = '\0';
               apr_table_setn(r->notes, "error-notes",
                              apr_pstrcat(r->pool,
                                          "Size of a request header field "
  
  
  

Mime
View raw message