]> git.ipfire.org Git - thirdparty/apache/httpd.git/commitdiff
projects / thirdparty / apache / httpd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7e2e79e)
Backports: r1352911
authorWilliam A. Rowe Jr <wrowe@apache.org>
Thu, 22 Dec 2016 19:27:41 +0000 (19:27 +0000)
committerWilliam A. Rowe Jr <wrowe@apache.org>
Thu, 22 Dec 2016 19:27:41 +0000 (19:27 +0000)
Submitted by: sf
Make sure that a triggering LimitRequestFieldSize is always logged, even if the
first read already exeeds the limit and ap_rgetline does not return a header
name.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x-merge-http-strict@1775710 13f79535-47bb-0310-9956-ffa450edef68

server/protocol.c patch | blob | blame | history

diff --git a/server/protocol.c b/server/protocol.c
index c1aeac4ba20f8dd41d4d0c07875d581798fefbe8..ee4513edd216bcec19590a1bbb7fb9fd474e1885 100644 (file)
--- a/server/protocol.c
+++ b/server/protocol.c
@@ -751,19 +751,29 @@ AP_DECLARE(void) ap_get_mime_headers_core(request_rec *r, apr_bucket_brigade *bb
              * finding the end-of-line.  This is only going to happen if it
              * exceeds the configured limit for a field size.
              */
-            if (rv == APR_ENOSPC && field) {
-                /* ensure ap_escape_html will terminate correctly */
-                field[len - 1] = '\0';
+            if (rv == APR_ENOSPC) {
+                const char *field_escaped;
+                if (field) {
+                    /* ensure ap_escape_html will terminate correctly */
+                    field[len - 1] = '\0';
+                    field_escaped = ap_escape_html(r->pool, field);
+                }
+                else {
+                    field_escaped = field = "";
+                }
+
                 apr_table_setn(r->notes, "error-notes",
                                apr_psprintf(r->pool,
                                            "Size of a request header field "
                                            "exceeds server limit.<br />\n"
                                            "<pre>\n%.*s\n</pre>/n",
-                                           field_name_len(field), 
-                                           ap_escape_html(r->pool, field)));
+                                           field_name_len(field_escaped),
+                                           field_escaped));
                 ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, 
-                              "Request header exceeds LimitRequestFieldSize: "
-                              "%.*s", field_name_len(field), field);
+                              "Request header exceeds LimitRequestFieldSize%s"
+                              "%.*s",
+                              *field ? ": " : "",
+                              field_name_len(field), field);
                 ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r,
                               "Request header exceeds LimitRequestFieldSize: "
                               "%.*s", field_name_len(field), field);
Mirror of https://github.com/apache/httpd.git