httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From traw...@apache.org
Subject svn commit: r826829 - in /httpd/mod_fcgid/trunk: CHANGES-FCGID modules/fcgid/fcgid_bridge.c
Date Mon, 19 Oct 2009 22:03:31 GMT
Author: trawick
Date: Mon Oct 19 22:03:30 2009
New Revision: 826829

URL: http://svn.apache.org/viewvc?rev=826829&view=rev
Log:
Fix possible corruption or truncation of request bodies which exceed
FcgidMaxRequestInMem.  

If the entire excess had been read from the brigade at the time the
limit was exceeded, the bug would be avoided.

This is a regression since mod_fcgid 2.2, which effectively ignored 
FcgidMaxRequestInMem if larger than 8K, since it reset the cumulative
request_len counter each time it obtained an input brigade of up to
HUGE_STRING_LEN bytes.

PR: 48021

Modified:
    httpd/mod_fcgid/trunk/CHANGES-FCGID
    httpd/mod_fcgid/trunk/modules/fcgid/fcgid_bridge.c

Modified: httpd/mod_fcgid/trunk/CHANGES-FCGID
URL: http://svn.apache.org/viewvc/httpd/mod_fcgid/trunk/CHANGES-FCGID?rev=826829&r1=826828&r2=826829&view=diff
==============================================================================
--- httpd/mod_fcgid/trunk/CHANGES-FCGID [utf8] (original)
+++ httpd/mod_fcgid/trunk/CHANGES-FCGID [utf8] Mon Oct 19 22:03:30 2009
@@ -1,6 +1,11 @@
                                                          -*- coding: utf-8 -*-
 Changes with mod_fcgid 2.3.5
 
+  *) Fix possible corruption or truncation of request bodies which exceed
+     FcgidMaxRequestInMem.  This is a regression since mod_fcgid 2.2, which
+     effectively ignored FcgidMaxRequestInMem if larger than 8K.  PR 48021.
+     [Jeff Trawick]
+
   *) Fix handling of the request body when a FastCGI access checker/
      authenticator/authorizer (AAA) was configured.  The body wasn't available
      for the request handler.  PR 47973.

Modified: httpd/mod_fcgid/trunk/modules/fcgid/fcgid_bridge.c
URL: http://svn.apache.org/viewvc/httpd/mod_fcgid/trunk/modules/fcgid/fcgid_bridge.c?rev=826829&r1=826828&r2=826829&view=diff
==============================================================================
--- httpd/mod_fcgid/trunk/modules/fcgid/fcgid_bridge.c (original)
+++ httpd/mod_fcgid/trunk/modules/fcgid/fcgid_bridge.c Mon Oct 19 22:03:30 2009
@@ -446,7 +446,6 @@
     fcgid_server_conf *sconf = ap_get_module_config(r->server->module_config,
                                                     &fcgid_module);
     int seen_eos;
-    int need_truncate = 1;
 
     /* Stdin header and body */
     /* XXX HACK: I have to read all the request into memory before sending it 
@@ -526,6 +525,15 @@
                     apr_pool_userdata_get(&tmp, fd_key,
                                           r->connection->pool);
                     fd = tmp;
+
+                    if (fd != NULL) {
+                        if ((rv = apr_file_trunc(fd, 0)) != APR_SUCCESS) {
+                            ap_log_rerror(APLOG_MARK, APLOG_WARNING, rv, r,
+                                          "mod_fcgid: can't truncate existing "
+                                          "temporary file");
+                            return HTTP_INTERNAL_SERVER_ERROR;
+                        }
+                    }
                 }
 
                 if (fd == NULL) {
@@ -552,11 +560,8 @@
                     apr_pool_userdata_set((const void *) fd, fd_key,
                                           apr_pool_cleanup_null,
                                           r->connection->pool);
-                } else if (need_truncate) {
-                    need_truncate = 0;
-                    apr_file_trunc(fd, 0);
-                    cur_pos = 0;
                 }
+
                 /* Write request to tmp file */
                 if ((rv =
                      apr_file_write_full(fd, (const void *) data, len,



Mime
View raw message