httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Erenkrantz <>
Subject Re: don't try this at home
Date Fri, 31 May 2002 00:01:20 GMT
On Thu, May 30, 2002 at 11:02:09AM -0400, Jeff Trawick wrote:
> Running HEAD, we get a segfault when the bogus request is for a
> resource for which we aren't authorized.  Here is the traceback:

In particular, this problem is related to the fact that we have
two errors on this request: 401 and 413.  The problem is that
since 401 was reported "first," the 413 is "lost" in ap_die()
when we find the recursive error (http_request.c:122) and we
reset r->status to 401.

However, 401 isn't listed as a status code that drops the
connection (line 146).  Therefore, ap_die() calls
ap_discard_request_body again - which causes HTTP_IN to get
called again.  But, since we are 413, we're not supposed to
re-read the body.  Oops.

My suggestion is as follows: if the ap_die() code is one that
forces us to drop the connection, we don't report the recursive
error, but instead just report this one.

So the conditional on http_request.c:121 may work as:

if (r->status != HTTP_OK && !ap_status_drops_connection(type)) {

Can you try this?  -- justin

View raw message