On 1/31/22 10:10 AM, Ruediger Pluem wrote:
>
>
> On 1/13/22 4:28 AM, wr...@apache.org wrote:
>> Author: wrowe
>> Date: Thu Jan 13 03:28:31 2022
>> New Revision: 1896976
>>
>> URL: http://svn.apache.org/viewvc?rev=1896976&view=rev
>> Log:
>> Propose pcre2 support for backport
>>
>> Modified:
>> httpd/httpd/branches/2.4.x/STATUS
>>
>> Modified: httpd/httpd/branches/2.4.x/STATUS
>> URL:
>> http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/STATUS?rev=1896976&r1=1896975&r2=1896976&view=diff
>> ==============================================================================
>> --- httpd/httpd/branches/2.4.x/STATUS (original)
>> +++ httpd/httpd/branches/2.4.x/STATUS Thu Jan 13 03:28:31 2022
>> @@ -150,6 +150,35 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
>> PATCHES PROPOSED TO BACKPORT FROM TRUNK:
>> [ New proposals should be added at the end of the list ]
>>
>> + *) Support PCRE2 (10.x) in place of PCRE (8.x).
>> + Submitted by: wrowe, Petr Pisar [ppisar redhat.com], rjung
>> + trunk patches:
>> + http://svn.apache.org/r1773454
>> + http://svn.apache.org/r1773741
>> + http://svn.apache.org/r1773742
>> + http://svn.apache.org/r1773839
>> + http://svn.apache.org/r1773870
>> + http://svn.apache.org/r1773882
>> + http://svn.apache.org/r1814662
>> + http://svn.apache.org/r1881478
>> + summarized/conflicts resolved:
>> + https://gist.github.com/wrowe/73f655d13bbe0f12030aa4557e804d8a
>> + +1: wrowe
>> + wrowe notes that the current code drops optimizations, owing to the
>> fact
>> + that the ovector is a required allocation and is no longer allocated on
>> + the stack, by design. The correct fix is an apr userdata allocation on
>> + the appropriate pool, which would be thread-safe, but the actual API of
>> + ap_regexec[_len]() offers us no pool and isn't suitable for
>> httpd-2.4.x.
>> + At this time, PCRE 8.45 is EOL and will not receive security updates,
>> + and taking ovector and other arrays off the stack was in direct
>> reaction
>> + to the patterns of abuse of previous pcre exploits. So this patch
>> doesn't
>> + wait for httpd-2.4 to be retired, it will need to be adopted without
>> the
>> + existing optimiation.
>> + jorton: Adding ap_pregexec/_len which pass a pool would also work
>> + for internal users of this api; not sure if performance
>> + impact is significant from using malloc here.
>
>
> Are we now finished with improving the PCRE2 capabilities with regards to
> allocation / performance?
>
> I see the following revisions that would need to be backported on top of the
> above patch:
>
> 1897240
> 1897241
> 1897244
> 1897248
> 1897250
> 1897260
> 1897261
> 1897263
> 1897386
> 1897459
> 1897460
> 1897461
> 1897462
> 1897472
> 1897543
>
>
> Did I miss any?
Looking further into this I guess backporting
1612934
1612940
1613189
makes sense as well (Add compiled and loaded PCRE version numbers to "httpd -V"
output and to mod_info page).
Question is if this should be a separate backport or merged with this backport.
If it is a separate backport, we
have an order dependency between these backports.
Regards
RĂ¼diger
