This can't be the bug because it's in the input filter code,
but the most recent commit to mod_deflate.c has some UB in it
surrounding the case when readbytes is larger than what's available
in ctx->proc_bb.  In that case bkt is the sentinel for ctx->proc_bb
and calling apr_brigade_split_ex looks wonky.

Anyhow, HTH.

Index: mod_deflate.c
===================================================================
--- mod_deflate.c    (revision 910064)
+++ mod_deflate.c    (working copy)
@@ -1011,11 +1011,13 @@
     }
 
     if (!APR_BRIGADE_EMPTY(ctx->proc_bb)) {
-        /* May return APR_INCOMPLETE which is fine by us. */
-        apr_brigade_partition(ctx->proc_bb, readbytes, &bkt);
-
-        APR_BRIGADE_CONCAT(bb, ctx->proc_bb);
-        apr_brigade_split_ex(bb, bkt, ctx->proc_bb);
+        if (apr_brigade_partition(ctx->proc_bb, readbytes, &bkt) == 
APR_INCOMPLETE) {
+            APR_BRIGADE_CONCAT(bb, ctx->proc_bb);
+        }
+        else {
+            APR_BRIGADE_CONCAT(bb, ctx->proc_bb);
+            apr_brigade_split_ex(bb, bkt, ctx->proc_bb);
+        }
     }
 
     return APR_SUCCESS;
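
Review bot: the else branch around apr_brigade_split_ex runs for every return value other than APR_INCOMPLETE, not only APR_SUCCESS, so any other error status from apr_brigade_partition would still split bb at whatever bkt holds. Consider storing the status, calling APR_BRIGADE_CONCAT(bb, ctx->proc_bb) once (it is identical in both branches), and calling apr_brigade_split_ex only when the status is APR_SUCCESS. The removed comment about APR_INCOMPLETE is worth keeping in some form to say why that case skips the split. The condition line has also been wrapped by the mailer after "==", so the patch will not apply as posted.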




----- Original Message ----
> From: Eric Covener <cove...@gmail.com>
> To: dev@httpd.apache.org
> Sent: Sun, February 14, 2010 1:03:27 PM
> Subject: Re: unsupported compression issue seen in 2.3.5-alpha
> 
> On Sun, Feb 14, 2010 at 1:00 PM, Paul Querna wrote:
> > curl -H 'Accept-Encoding: gzip;' -iL
> > http://httpd.apache.org/docs/2.2/style/css/manual.css  2>/dev/null |
> > head -12
> >
> > What I've been told is, most of the time, this 'works' and you get
> > compressed data.  But sometimes, the same request returns uncompressed
> > data, but with the same headers -- implying that mod_deflate was
> > removed after adding the headers somehow -- this of course will cause
> > browsers to try to decompress it, but since it's already decompressed,
> > it doesn't work.
> >
> > As far as I know, it has only been reported on 2.3.5 -- not in the
> > earlier 2.3.3 (which the EU machine also ran before 2.3.5).  If you
> > search Twitter for 'apache.org' you also see several more reports.
> 
> FWIW, I'd never seen it before this Saturday where I saw it for about
> an hour consistently -- browser independent.  C-E: gzip was set but
> not actually compressed.
> 
> 
> -- 
> Eric Covener
> cove...@gmail.com



      
