httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rede...@apache.org
Subject cvs commit: httpd-2.0/server core.c protocol.c
Date Mon, 01 Mar 2004 21:40:44 GMT
rederpj     2004/03/01 13:40:44

  Modified:    .        CHANGES
               server   core.c protocol.c
  Log:
   *) Remove compile-time length limit on request strings. Length is
      now enforced solely with the LimitRequestLine config directive.
      [Paul J. Reder]
  
  Revision  Changes    Path
  1.1414    +4 -0      httpd-2.0/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/CHANGES,v
  retrieving revision 1.1413
  retrieving revision 1.1414
  diff -u -r1.1413 -r1.1414
  --- CHANGES	29 Feb 2004 14:54:24 -0000	1.1413
  +++ CHANGES	1 Mar 2004 21:40:44 -0000	1.1414
  @@ -2,6 +2,10 @@
   
     [Remove entries to the current 2.0 section below, when backported]
   
  +  *) Remove compile-time length limit on request strings. Length is
  +     now enforced solely with the LimitRequestLine config directive.
  +     [Paul J. Reder]
  +
     *) mod_ssl: Send the Close Alert message to the peer before closing
        the SSL session. [Madhusudan Mathihalli, Joe Orton]
   
  
  
  
  1.264     +0 -6      httpd-2.0/server/core.c
  
  Index: core.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/core.c,v
  retrieving revision 1.263
  retrieving revision 1.264
  diff -u -r1.263 -r1.264
  --- core.c	29 Feb 2004 00:25:48 -0000	1.263
  +++ core.c	1 Mar 2004 21:40:44 -0000	1.264
  @@ -2437,12 +2437,6 @@
                              "\" must be a non-negative integer", NULL);
       }
   
  -    if (lim > DEFAULT_LIMIT_REQUEST_LINE) {
  -        return apr_psprintf(cmd->temp_pool, "LimitRequestLine \"%s\" "
  -                            "must not exceed the precompiled maximum of %d",
  -                            arg, DEFAULT_LIMIT_REQUEST_LINE);
  -    }
  -
       cmd->server->limit_req_line = lim;
       return NULL;
   }
  
  
  
  1.146     +13 -14    httpd-2.0/server/protocol.c
  
  Index: protocol.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/server/protocol.c,v
  retrieving revision 1.145
  retrieving revision 1.146
  diff -u -r1.145 -r1.146
  --- protocol.c	9 Feb 2004 20:40:49 -0000	1.145
  +++ protocol.c	1 Mar 2004 21:40:44 -0000	1.146
  @@ -577,11 +577,22 @@
            * if there are empty lines
            */
           r->the_request = NULL;
  -        rv = ap_rgetline(&(r->the_request), DEFAULT_LIMIT_REQUEST_LINE + 2,
  +        rv = ap_rgetline(&(r->the_request), (apr_size_t)(r->server->limit_req_line
+ 2),
                            &len, r, 0, bb);
   
           if (rv != APR_SUCCESS) {
               r->request_time = apr_time_now();
  +
  +            /* ap_rgetline returns APR_ENOSPC if it fills up the
  +             * buffer before finding the end-of-line.  This is only going to
  +             * happen if it exceeds the configured limit for a request-line.
  +             */
  +            if (rv == APR_ENOSPC) {
  +                r->status    = HTTP_REQUEST_URI_TOO_LARGE;
  +                r->proto_num = HTTP_VERSION(1,0);
  +                r->protocol  = apr_pstrdup(r->pool, "HTTP/1.0");
  +            }
  +
               return 0;
           }
       } while ((len <= 0) && (++num_blank_lines < max_blank_lines));
  @@ -611,18 +622,6 @@
   
       ap_parse_uri(r, uri);
   
  -    /* ap_getline returns (size of max buffer - 1) if it fills up the
  -     * buffer before finding the end-of-line.  This is only going to
  -     * happen if it exceeds the configured limit for a request-line.
  -     * The cast is safe, limit_req_line cannot be negative
  -     */
  -    if (len > (apr_size_t)r->server->limit_req_line) {
  -        r->status    = HTTP_REQUEST_URI_TOO_LARGE;
  -        r->proto_num = HTTP_VERSION(1,0);
  -        r->protocol  = apr_pstrdup(r->pool, "HTTP/1.0");
  -        return 0;
  -    }
  -
       if (ll[0]) {
           r->assbackwards = 0;
           pro = ll;
  @@ -856,7 +855,7 @@
       if (!read_request_line(r, tmp_bb)) {
           if (r->status == HTTP_REQUEST_URI_TOO_LARGE) {
               ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
  -                          "request failed: URI too long");
  +                          "request failed: URI too long (longer than %d)", r->server->limit_req_line);
               ap_send_error_response(r, 0);
               ap_update_child_status(conn->sbh, SERVER_BUSY_LOG, r);
               ap_run_log_transaction(r);
  
  
  

Mime
View raw message