Return-Path: Delivered-To: apmail-new-httpd-archive@apache.org Received: (qmail 17098 invoked by uid 500); 10 Aug 2001 16:45:06 -0000 Mailing-List: contact new-httpd-help@apache.org; run by ezmlm Precedence: bulk Reply-To: new-httpd@apache.org list-help: list-unsubscribe: list-post: Delivered-To: mailing list new-httpd@apache.org Received: (qmail 17068 invoked from network); 10 Aug 2001 16:45:06 -0000 X-Authentication-Warning: mako.covalent.net: dougm owned process doing -bs Date: Fri, 10 Aug 2001 09:46:09 -0700 (PDT) From: Doug MacEachern To: Ryan Bloom cc: new-httpd@apache.org Subject: Re: are we ready to roll? - POST thru' mod_ssl In-Reply-To: <0108092042510E.09485@koj.rkbloom.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Rating: h31.sny.collab.net 1.6.2 0/1000/N Status: O X-Status: X-Keywords: X-UID: 439 forget my bandaid, like i said, i know it isn't right. here's what things look like when apr_brigade_partition is called: without-ssl: (gdb) dump_brigade b dump of brigade 0x8243dac 0: bucket=HEAP(0x834b398), length=0, data=0x834b3b8 1: bucket=SOCKET(0x82f0838), length=-1, data=0x8243a7c with-ssl: (gdb) dump_brigade b dump of brigade 0x84e28dc 0: bucket=POOL(0x84f24e0), length=0, data=0x84f2500 so with this brigade, apr_brigade_partition returns APR_EINVAL, but we can't just return that value because there is more data down the chain. my bandaid was trying to keep things not just from crashing, but to trigger an ap_get_brigade call so ap_get_client_block actually gets some data. the brigade above is what was already in ctx->b after reading the headers. now once ap_get_brigade is triggered, we get a bucket with the post data: (gdb) dump_brigade ctx->b dump of brigade 0x84e2b14 0: bucket=POOL(0x8284c20), length=10, data=0x8281fa0 in which case apr_brigade_partition does this: if (point == e->length) { *after_point = APR_BUCKET_NEXT(e); return APR_SUCCESS; but there is only one bucket in the brigade, so APR_BUCKET_NEXT is bogus and things go boom.