Make sure the getsfunc_*() functions used by ap_scan_script_header_err*()
NUL-terminate the resulting string, even in case of an error. mod_cgi and
mod_cgid try to log incomplete output from CGI scripts.
Reviewed by: sf, covener, wrowe
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@
1356894 13f79535-47bb-0310-9956-
ffa450edef68
envvars: Fix insecure handling of LD_LIBRARY_PATH that could lead to the
current working directory to be searched for DSOs. [Stefan Fritsch]
+ *) core: Adjust ap_scan_script_header_err*() to prevent mod_cgi and mod_cgid
+ from logging bogus data in case of errors. [Stefan Fritsch]
+
*) mod_disk_cache, mod_mem_cache: Decline the opportunity to cache if the
response is a 206 Partial Content. This stops a reverse proxied partial
response from becoming cached, and then being served in subsequent
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- * core: NUL-terminate string returned by ap_scan_script_header_err*()
- in error case.
- Trunk patch:
- http://svn.apache.org/viewvc?rev=1244211&view=rev
- 2.4.x patch:
- http://svn.apache.org/viewvc?rev=1244213&view=rev
- 2.2.x patch:
- Trunk version works
- +1: sf, covener, wrowe
-
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ New proposals should be added at the end of the list ]
rv = apr_bucket_read(e, &bucket_data, &bucket_data_len,
APR_BLOCK_READ);
if (rv != APR_SUCCESS || (bucket_data_len == 0)) {
+ *dst = '\0';
return APR_STATUS_IS_TIMEUP(rv) ? -1 : 0;
}
src = bucket_data;
const char *p;
int t;
- if (!strs->curpos || !*strs->curpos)
+ if (!strs->curpos || !*strs->curpos) {
+ w[0] = '\0';
return 0;
+ }
p = ap_strchr_c(strs->curpos, '\n');
if (p)
++p;
projects / thirdparty / apache / httpd.git / commitdiff
