httpd-dev mailing list archives

From Ryan Bloom <...@covalent.net>
Subject Re: chunked input core dump on daedalus
Date Thu, 01 Nov 2001 20:49:07 GMT

On Thursday 01 November 2001 12:45 pm, Cliff Woolley wrote:
> On Thu, 1 Nov 2001, Greg Ames wrote:
> > Our magic overloaded mode field:
> >
> > (gdb) p *readbytes
> > $12 = -3
> >
> > core_input_filter thinks this means "read a block, no more than -3
> > long", and ends up trying to partition at offset -3.  I believe the
> > whole thing was looping, possibly driven by  ap_get_client_block, until
> > we run out of memory and seg fault.
>
> It'd be nice if it were checking the return value from
> apr_brigade_partition(), which returns APR_EINVAL if given a negative
> offset... besides, you never know when _partition() might get a failure
> when trying to read a bucket for some reason.
++1

Ryan
______________________________________________________________
Ryan Bloom				rbb@apache.org
Covalent Technologies			rbb@covalent.net
--------------------------------------------------------------
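
Added example, not part of the original message or of Apache's code: a self-contained C model of the point raised in the thread, showing a caller that drops the partition status beside one that checks it. `toy_brigade`, `toy_partition`, the `TOY_*` codes and both `drain_*` functions are hypothetical stand-ins, not APR's API.

```c
#include <stddef.h>
#include <stdio.h>
/* Constructed stand-ins for illustration; not APR's types or values. */
enum { TOY_SUCCESS = 0, TOY_EINVAL = 1, TOY_INCOMPLETE = 2 };
typedef struct { const char *data; size_t len; } toy_brigade;

/* Rejects a negative offset, as the thread says apr_brigade_partition()
 * does with APR_EINVAL; an offset past the end is reported separately. */
static int toy_partition(const toy_brigade *b, long point, size_t *split)
{
    if (point < 0) return TOY_EINVAL;
    if ((size_t)point > b->len) return TOY_INCOMPLETE;
    *split = (size_t)point;
    return TOY_SUCCESS;
}

/* Before: status dropped. A sentinel such as -3 consumes nothing, so the
 * loop makes no progress; max_passes bounds the demo. Returns passes. */
static int drain_unchecked(toy_brigade *b, long readbytes, int max_passes)
{
    int passes = 0;
    while (b->len > 0 && passes < max_passes) {
        size_t split = 0;
        (void)toy_partition(b, readbytes, &split);  /* result ignored */
        b->data += split; b->len -= split;
        passes++;
    }
    return passes;
}

/* After: a failed partition ends the read and reaches the caller. */
static int drain_checked(toy_brigade *b, long readbytes)
{
    while (b->len > 0) {
        size_t split = 0;
        int rv = toy_partition(b, readbytes, &split);
        if (rv == TOY_INCOMPLETE) split = b->len;   /* short final block */
        else if (rv != TOY_SUCCESS) return rv;
        if (split == 0) return TOY_EINVAL;          /* zero-length request */
        b->data += split; b->len -= split;
    }
    return TOY_SUCCESS;
}

int main(void)
{
    toy_brigade a = { "0123456789", 10 }, b = a;
    int passes = drain_unchecked(&a, -3, 1000), rv = drain_checked(&b, -3);
    printf("unchecked: %d passes; checked: status %d\n", passes, rv);
    return 0;
}
```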
