Our team researches on the consistent edits of Httpd during evolution. And we 
have figured out several spots that may be missed for consistent update. They 
are both about invoking of function, ap_map_http_request_error(). 
We suggest to escape call of function and return the corresponding error code 
directly when this call is under the control dependence where return value of 
ap_get_brigade() does not equal to APR_SUCCESS.


one example of recommendation code snippets is listed as follows:
> 
> 
> static int hm_handler(request_rec *r)
> 
> {
> ....
> buf = apr_pcalloc(r->pool, MAX_MSG_LEN); 
> input_brigade = apr_brigade_create(r->connection->pool, 
> r->connection->bucket_alloc); 
> status = ap_get_brigade(r->input_filters, input_brigade, AP_MODE_READBYTES, 
> APR_BLOCK_READ, MAX_MSG_LEN); 
> if (status != APR_SUCCESS) { 
> return ap_map_http_request_error(status, HTTP_BAD_REQUEST);
> }
> ...
> }


One example of patch that involves consistent edition is:
> 
> 
> status = ap_get_brigade(r->input_filters, input_brigade,
> 
> AP_MODE_READBYTES, APR_BLOCK_READ,
> 
> HUGE_STRING_LEN);
> 
> 
> 
> 
> if (status != APR_SUCCESS) {
> 
> -            return ap_map_http_request_error(status, HTTP_BAD_REQUEST);
> 
> +           return HTTP_BAD_REQUEST;
> 
> }
> 
> }


More recommendations and supporting patches are saved in attachments. It is so 
kind of you to reply me about the correctness of our suggestions. And thank you 
for your reading. 




<<attachment: Httpd-recommendation-example.doc>>

<<attachment: Httpd-patch-example.doc>>

Reply via email to