httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yann Ylavic <ylavic....@gmail.com>
Subject Re: svn commit: r1572703 - /httpd/httpd/trunk/modules/lua/lua_request.c
Date Thu, 27 Feb 2014 21:53:20 GMT
On Thu, Feb 27, 2014 at 8:10 PM, <humbedooh@apache.org> wrote:

> Author: humbedooh
> Date: Thu Feb 27 19:10:55 2014
> New Revision: 1572703
>
> URL: http://svn.apache.org/r1572703
> Log:
> mod_lua: Only read up to whatever the user defines as max size when using
> r:parsebody() - if content length is greater, return an error.
>
> Modified:
>     httpd/httpd/trunk/modules/lua/lua_request.c
>
> Modified: httpd/httpd/trunk/modules/lua/lua_request.c
> URL:
> http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/lua/lua_request.c?rev=1572703&r1=1572702&r2=1572703&view=diff
>
> ==============================================================================
> --- httpd/httpd/trunk/modules/lua/lua_request.c (original)
> +++ httpd/httpd/trunk/modules/lua/lua_request.c Thu Feb 27 19:10:55 2014
> @@ -15,6 +15,8 @@
>   * limitations under the License.
>   */
>
> +#include <mod_core.h>
> +
>  #include "mod_lua.h"
>  #include "lua_apr.h"
>  #include "lua_dbd.h"
> @@ -228,7 +230,8 @@ static int req_aprtable2luatable_cb_len(
>      requests. Used for multipart POST data.
>
> =======================================================================================================================
>   */
> -static int lua_read_body(request_rec *r, const char **rbuf, apr_off_t
> *size)
> +static int lua_read_body(request_rec *r, const char **rbuf, apr_off_t
> *size,
> +        apr_off_t *maxsize)
>

Shouldn't maxsize not be a pointer?  



>  {
>      int rc = OK;
>
> @@ -243,6 +246,9 @@ static int lua_read_body(request_rec *r,
>          apr_off_t length = r->remaining;
>          /*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
>
> +        if (maxsize != 0 && length > maxsize) {
> +            return APR_EINCOMPLETE; /* Only room for incomplete data
> chunk :( */
> +        }
>          *rbuf = (const char *) apr_pcalloc(r->pool, (apr_size_t) (length
> + 1));
>          *size = length;
>          while ((len_read = ap_get_client_block(r, argsbuffer,
> sizeof(argsbuffer))) > 0) {
> @@ -336,7 +342,7 @@ static int req_parsebody(lua_State *L)
>          int         i;
>          size_t      vlen = 0;
>          size_t      len = 0;
> -        if (lua_read_body(r, &data, (apr_off_t*) &size) != OK) {
> +        if (lua_read_body(r, &data, (apr_off_t*) &size, max_post_size) !=
> OK) {
>

IMHO, there really should be no cast needed here.


>              return 2;
>          }
>          len = strlen(multipart);
> @@ -411,7 +417,7 @@ static int lua_ap_requestbody(lua_State
>          if (!filename) {
>              const char     *data;
>
> -            if (lua_read_body(r, &data, &size) != OK)
> +            if (lua_read_body(r, &data, &size, maxSize) != OK)
>                  return (0);
>
>              lua_pushlstring(L, data, (size_t) size);
>
>
>
Regards,
Yann.

Mime
View raw message