httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jean-frederic clere <jfrederic.cl...@fujitsu-siemens.com>
Subject Re: Funny stuff with content negotiation
Date Fri, 26 Jan 2001 17:38:18 GMT
Jeff Trawick wrote:
> 
> Jeff Trawick <trawickj@bellsouth.net> writes:
> 
> > The Content-Type header field is FUBAR:
> >
> > Breakpoint 4, form_header_field (h=0xbfffb918,
> >     fieldname=0x80ea996 "Content-Type",
> >     fieldval=0x81585d4 "cept-Ranges: bytes\r\nContent-Length: 1311\r\nConnection:
close\r\n") at http_protocol.c:1791
> > 1791        headfield = apr_pstrcat(h->r->pool, fieldname, ": ", fieldval,
CRLF, NULL);
> >
> > This explains at least part of the bogosity.
> 
> The problem is that the buffer for headers is not large enough.  The
> allocation was moved to a point before where we call
> compute_header_len() on the table, so the len variable is way too
> small when we alloc the buffer.  As we later build the header we
> overlay the storage where the individual header fields lived, thus
> corrupting the table.
> 
> I'll start looking at a fix now (something other than getting a
> 10000-byte header buffer, which is what I'm doing now :) ).
> --
> Jeff Trawick | trawickj@bellsouth.net | PGP public key at web site:
>        http://www.geocities.com/SiliconValley/Park/9289/
>              Born in Roswell... married an alien...

Yes - That what I have found...

A temp dirty
work_around:apache20@vtxclere:~/apache/httpd-2.0/modules/http > cvs diff
http_protocol.c
Index: http_protocol.c
===================================================================
RCS file: /home/cvs/apache/httpd-2.0/modules/http/http_protocol.c,v
retrieving revision 1.277
diff -u -r1.277 http_protocol.c
--- http_protocol.c     2001/01/24 23:47:42     1.277
+++ http_protocol.c     2001/01/26 17:28:09
@@ -2482,7 +2482,7 @@
     /* Need to add a fudge factor so that the CRLF at the end of the
headers
      * and the basic http headers don't overflow this buffer.
      */
-    len += strlen(ap_get_server_version()) + 100;
+    len += strlen(ap_get_server_version()) + 1000;
     buff_start = buff = apr_pcalloc(r->pool, len);
     ap_basic_http_header(r, buff);
     buff +=
strlen(buff);                                                      
+++

Sure that on Monday someone will have fixed it cleanly :=)

Cheers

Jean-frederic

+++

Mime
View raw message