httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yann Ylavic <ylavic....@gmail.com>
Subject Re: svn commit: r1755264 - /httpd/httpd/trunk/server/protocol.c
Date Fri, 05 Aug 2016 14:59:07 GMT
On Fri, Aug 5, 2016 at 11:13 AM,  <wrowe@apache.org> wrote:
> Author: wrowe
> Date: Fri Aug  5 09:13:26 2016
> New Revision: 1755264
>
> URL: http://svn.apache.org/viewvc?rev=1755264&view=rev
> Log:
> Stop reflecting irrelevant data to the request error notes, particularly
> for abusive and malformed traffic the non-technical consumer of a user-agent
> has no control over.
>
> Simply take note where the administrator-configured limits have been exceeded,
> that administrator can find details in the error log if desired.
>
>
> Modified:
>     httpd/httpd/trunk/server/protocol.c
>
> Modified: httpd/httpd/trunk/server/protocol.c
> URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/server/protocol.c?rev=1755264&r1=1755263&r2=1755264&view=diff
> ==============================================================================
> --- httpd/httpd/trunk/server/protocol.c (original)
> +++ httpd/httpd/trunk/server/protocol.c Fri Aug  5 09:13:26 2016
> @@ -808,23 +808,9 @@ AP_DECLARE(void) ap_get_mime_headers_cor
>               * exceeds the configured limit for a field size.
>               */
>              if (rv == APR_ENOSPC) {
> -                const char *field_escaped;
> -                if (field && len) {
> -                    /* ensure ap_escape_html will terminate correctly */
> -                    field[len - 1] = '\0';
> -                    field_escaped = ap_escape_html(r->pool, field);
> -                }
> -                else {
> -                    field_escaped = field = "";
> -                }

'field' can still be NULL here when rgetline returns NOSPC, hence
field_name_len(field) below segfaults.

That's I guess what Jim observes in t/apache/limits.t...

Mime
View raw message