DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=43589>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=43589 Summary: mod_disk_cache may store invalid body of entity Product: Apache httpd-2 Version: 2.2-HEAD Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: mod_disk_cache AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] mod_disk_cache uses buffered write operation when it stores the body of the entity, but then it doesn't check the result of buffers flush. As a result, the disk can contain invalid body of entity, when the header of the entity is correct. Steps to reproduce one of possible consequences: 1. Use Apache in reverse proxy mode with disk cache (mod_proxy / mod_cache / mod_disk_cache). 2. Fill the disk with Apache's cache, leave 2-3 KB available. 3. Request a file with size < 4 KB (GET request) that is not in the cache yet. 4. Request the same file (GET request), a response will be invalid, with "Content-length: 0" and without body. 5. Try to request information about the same file (HEAD request), it will return correct "Content-length". Detailed description of the reason, per mod_disk_cache.c source: 1. store_body() function uses APR_BUFFERED flag in call to apr_file_mktemp(), so it uses buffered I/O. 2. Result of apr_file_write_full() call in store_body() function is checked, but in case of buffered I/O it can flag successful writing to a buffer only. 3. store_body() function then calls file_cache_el_final() function without checking of result code. 4. file_cache_el_final() function doesn't check result code of apr_file_close() call. In case of buffered I/O apr_file_close() may return error code from unsuccessful call to apr_file_flush(). -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
