https://issues.apache.org/bugzilla/show_bug.cgi?id=52605
Bug #: 52605
Summary: LimitRequestLine not taken into account when talking
to CGI script
Product: Apache httpd-2
Version: 2.2.16
Platform: PC
URL: http://bugs.debian.org/638011
OS/Version: Linux
Status: NEW
Severity: minor
Priority: P2
Component: Core
AssignedTo: [email protected]
ReportedBy: [email protected]
Classification: Unclassified
From: Riccardo Murri <[email protected]>
As of version 2.2.16, Apache applies a fixed line length limit of 8192
bytes when talking to a CGI script: in file `server/util_script.c`,
function `ap_scan_script_header_err_core`, at lines 403--433,
one can read:
char x[MAX_STRING_LEN];
char *w, *l;
[...]
if (buffer) {
*buffer = '\0';
}
w = buffer ? buffer : x;
[...]
while (1) {
int rv = (*getsfunc) (w, MAX_STRING_LEN - 1, getsfunc_data);
where `MAX_STRING_LEN` is defined in `httpd.h` to be equal to
`HUGE_STRING_LEN`, that is, 8192.
The directive `LimitRequestLine` should apply here as well, or the
documentation should make it clear that this setting does not
influence the CGI module.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
