From jerenkra...@apache.org
Subject cvs commit: httpd-2.0 CHANGES
Date Mon, 17 Feb 2003 04:46:00 GMT
jerenkrantz    2003/02/16 20:46:00

  Modified:    modules/filters mod_deflate.c
               .        CHANGES
  Log:
  Fix potential memory leaks in mod_deflate on malformed input data.
  
  PR: 16046
  
  Revision  Changes    Path
  1.30      +11 -2     httpd-2.0/modules/filters/mod_deflate.c
  
  Index: mod_deflate.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/modules/filters/mod_deflate.c,v
  retrieving revision 1.29
  retrieving revision 1.30
  diff -u -u -r1.29 -r1.30
  --- mod_deflate.c	3 Feb 2003 17:53:01 -0000	1.29
  +++ mod_deflate.c	17 Feb 2003 04:46:00 -0000	1.30
  @@ -610,7 +610,7 @@
           if (rv != APR_SUCCESS) {
               return rv;
           }
  -      
  +
           len = 10; 
           rv = apr_brigade_flatten(ctx->bb, deflate_hdr, &len); 
           if (rv != APR_SUCCESS) {
  @@ -633,6 +633,7 @@
   
           if (zRC != Z_OK) {
               f->ctx = NULL;
  +            inflateEnd(&ctx->stream);
               ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
                             "unable to init Zlib: "
                             "inflateInit2 returned %d: URL %s",
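Review bot: The `inflateEnd(&ctx->stream)` cleanup is repeated by hand on each error return, here and in the hunks at -652, -661, -668, -715 and -739, so any exit path added later will leak the zlib state again. Because the log message says the leak is triggered by malformed input, a leak per bad request body can add up to resource exhaustion. Registering a cleanup once after a successful `inflateInit2` would cover every path, e.g. `apr_pool_cleanup_register(r->pool, &ctx->stream, inflate_cleanup, apr_pool_cleanup_null);` where `inflate_cleanup` is a placeholder name for a small static function that calls `inflateEnd`. In this particular branch the call is probably a no-op, since as far as I know zlib releases its own state when `inflateInit2` fails. It is harmless only if the stream structure was zero-initialised, which is not visible in the hunk.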
  @@ -652,6 +653,8 @@
           rv = ap_get_brigade(f->next, ctx->bb, mode, block, readbytes);
   
           if (rv != APR_SUCCESS) {
  +            /* What about APR_EAGAIN errors? */
  +            inflateEnd(&ctx->stream);
               return rv;
           }
   
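Review bot: The question in the added comment needs an answer, because `inflateEnd` now runs on every non-success status from `ap_get_brigade`, including a transient `APR_EAGAIN` from a non-blocking read. `f->ctx` is not reset on this path, unlike the `inflateInit2` failure branch. If the filter is invoked again it would presumably skip initialisation and call `inflate` on a stream that has already been ended, turning a retryable condition into a decode failure. Consider guarding the teardown with `if (!APR_STATUS_IS_EAGAIN(rv)) { inflateEnd(&ctx->stream); }` and, for the fatal statuses, clearing `f->ctx` as the init-failure branch does. The enclosing function starts and ends outside the hunk, so the re-entry behaviour should be confirmed there.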
  @@ -661,6 +664,7 @@
   
               /* If we actually see the EOS, that means we screwed up! */
               if (APR_BUCKET_IS_EOS(bkt)) {
  +                inflateEnd(&ctx->stream);
                   return APR_EGENERAL;
               }
   
  @@ -668,6 +672,7 @@
                   apr_bucket *tmp_heap;
                   zRC = inflate(&(ctx->stream), Z_SYNC_FLUSH);
                   if (zRC != Z_OK) {
  +                    inflateEnd(&ctx->stream);
                       return APR_EGENERAL;
                   }
   
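Review bot: The failure returns here and in the hunks at -715 and -739 give up with `APR_EGENERAL` without logging anything, unlike the `inflateInit2` branch, which calls `ap_log_rerror`. A compressed body that fails to inflate or fails its trailer check is an event an operator wants to see in the error log. Add something like `ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "Zlib: inflate returned %d", zRC);` before the return, with separate messages for the CRC and length mismatches in the trailer check. Whether `r` is in scope at these points is not visible in the hunks.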
  @@ -715,6 +720,7 @@
                   }
   
                   if (zRC != Z_OK) {
  +                    inflateEnd(&ctx->stream);
                       return APR_EGENERAL;
                   }
               }
  @@ -739,22 +745,25 @@
                       unsigned long compCRC, compLen;
                       compCRC = getLong(ctx->stream.next_in);
                       if (ctx->crc != compCRC) {
  +                        inflateEnd(&ctx->stream);
                           return APR_EGENERAL;
                       }
                       ctx->stream.next_in += 4;
                       compLen = getLong(ctx->stream.next_in);
                       if (ctx->stream.total_out != compLen) {
  +                        inflateEnd(&ctx->stream);
                           return APR_EGENERAL;
                       }
                   }
                   else {
                       /* FIXME: We need to grab the 8 verification bytes
                        * from the wire! */
  +                    inflateEnd(&ctx->stream);
                       return APR_EGENERAL;
                   }
   
                   inflateEnd(&ctx->stream);
  -    
  +
                   eos = apr_bucket_eos_create(f->c->bucket_alloc);
                   APR_BRIGADE_INSERT_TAIL(ctx->proc_bb, eos); 
                   break;
  
  
  
  1.1074    +3 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.1073
  retrieving revision 1.1074
  diff -u -u -r1.1073 -r1.1074
  --- CHANGES	17 Feb 2003 02:32:20 -0000	1.1073
  +++ CHANGES	17 Feb 2003 04:46:00 -0000	1.1074
  @@ -2,6 +2,9 @@
   
     [Remove entries to the current 2.0 section below, when backported]
   
  +  *) Fix potential memory leaks in mod_deflate on malformed data.  PR 16046.
  +     [Justin Erenkrantz]
  +
     *) Use APR_LAYOUT instead of APACHE_LAYOUT in configure.  PR 15679.
        [Justin Erenkrantz]
   
  
  
  
