DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=41143>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41143 ------- Additional Comments From [EMAIL PROTECTED] 2007-06-28 14:50 ------- (In reply to comment #4) > (In reply to comment #0) > > The misplaced ap_getline may discard a valid header after a too long header, > > ap_getline already discards extra data. > > I am no sure if this is true in the case that the header is larger than 16KB, > because in this case ap_rgetline_core will be left after the second > ap_get_brigade (in the case we only have the ap_core_input_filter in the input > filter chain, not checked the SSL case) which only read 16KB from the socket. > Bear with me: ap_proxy_read_headers() calls ap_getline() with a buffer of 8192 bytes. ap_getline() creates a brigade and calls ap_rgetline() to get a line of protocol input (and to copy the line to the buffer). ap_rgetline_core() calls ap_get_brigade(AP_MODE_GETLINE) which returns a line (brigade) of 8200 bytes (for the sake of example). If all data is in the first bucket, the line size could overflow the buffer, then APR_ENOSPC is returned. ap_getline sees the APR_ENOSPC and returns the buffer size. We have two problems here. First, if the data of the first bucket overflows the buffer, the data is not copied but ap_getline returns the size of the buffer (meaning that the data was copied). Second, ap_proxy_read_headers checks if the returned len is >= than the buffer size-1, if so, it calls ap_getline again, but the line was already read by ap_get_brigade and discarded. Makes sense now? -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
