I just ran across a segfault in the core_output_filter by passing it
an empty brigade. It looks like last_e gets initialized to NULL, but
then we later do !APR_BUCKET_IS_FLUSH(last_e) which causes the blowup.
I guess an empty brigade should indicate we have a module somewhere that
isn't behaving, but do we want the server to segfault?
The following patch allows the server to continue, and place a warning
in the error log. rbb and I discussed this a bit, and couldn't decide
if we wanted this logic in core_output_filter, or in pass_brigade.
I guess it may be possible for filters to want to act on empty brigades,
so I have just put it in the core_output_filter.
Comments?
-Ryan
Index: server/core.c
===================================================================
RCS file: /home/cvspublic/httpd-2.0/server/core.c,v
retrieving revision 1.169
diff -u -r1.169 core.c
--- server/core.c 5 Apr 2002 20:54:59 -0000 1.169
+++ server/core.c 16 Apr 2002 21:44:25 -0000
@@ -3513,6 +3513,13 @@
core_net_rec *net = f->ctx;
core_output_filter_ctx_t *ctx = net->out_ctx;
+ if (APR_BRIGADE_EMPTY(b)) {
+ ap_log_error(APLOG_MARK, APLOG_NOERRNO|APLOG_WARNING, 0,
+ c->base_server,
+ "core_output_filter: ignoring empty brigade");
+ return APR_SUCCESS;
+ }
+
if (ctx == NULL) {
ctx = apr_pcalloc(c->pool, sizeof(*ctx));
net->out_ctx = ctx;
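Review bot: The new APR_BRIGADE_EMPTY(b) block logs at APLOG_WARNING on every empty brigade, so a single misbehaving module can write one error-log line per call and crowd out other entries. Consider a lower level such as APLOG_DEBUG. The message is also logged against c->base_server only, which does not identify the connection or request that produced the empty brigade, so adding connection detail would make the offending filter easier to trace. The check sits above the `if (ctx == NULL)` setup and returns APR_SUCCESS without touching ctx; a short comment saying that skipping the rest of the function is intended here, and that the guard exists because last_e stays NULL for an empty brigade (per the description above), would document why it is there.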