filter modifies status and custom status line is left
unmodified).
Reviewed by: niq, gregames
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@393008 13f79535-47bb-0310-9956-ffa450edef68
ap_escape_html so we escape quotes. Reported by JPCERT.
[Mark Cox]
+ *) Ensure that the proper status line is written to the client, fixing
+ incorrect status lines caused by filters which modify r->status without
+ resetting r->status_line, such as the built-in byterange filter.
+ [Jeff Trawick]
+
*) Default handler: Don't return output filter apr_status_t values.
PR 31759. [Jeff Trawick, Ruediger Pluem, Joe Orton]
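Review bot: The added CHANGES entry credited to [Jeff Trawick] does not say that a status line set by a module is now discarded when it fails the check, which is the part module authors will notice. Consider adding a clause stating that an r->status_line which does not begin with r->status followed by a space is replaced by the default line, so the behaviour change is visible in the release notes.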
http://svn.apache.org/viewcvs?rev=390573&view=rev
+1: wrowe, trawick, rpluem
- *) Make sure we write a reasonable status line (e.g., if byterange
- filter modifies status and custom status line is left
- unmodified).
- http://svn.apache.org/viewcvs.cgi?rev=385581&view=rev
- 2.0 patch is at
- http://people.apache.org/~trawick/20_validate_status_line.patch
- +1: trawick, niq, gregames
- -0: colm
- colm: Wouldn't it be a whole lot less cycles to use ISDIGIT?
- trawick: Sure, but that doesn't provide a key check. We need
- to convert to numeric to compare with r->status.
-
-
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ please place SVN revisions from trunk here, so it is easy to
identify exactly what the proposed changes are! Add all new
#endif
}
+/* Confirm that the status line is well-formed and matches r->status.
+ * Otherwise, a filter may have negated the status line set by a
+ * handler.
+ * Zap r->status_line if bad.
+ */
+static void validate_status_line(request_rec *r)
+{
+ char *end;
+
+ if (r->status_line
+ && (strlen(r->status_line) <= 4
+ || apr_strtoi64(r->status_line, &end, 10) != r->status
+ || *end != ' '
+ || (end - 3) != r->status_line)) {
+ r->status_line = NULL;
+ }
+}
+
/*
* Determine the protocol to use for the response. Potentially downgrade
* to HTTP/1.0 in some situations and/or turn off keepalives.
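Review bot: In validate_status_line, the last condition `(end - 3) != r->status_line` forms a pointer before the start of the buffer whenever fewer than three characters were consumed (for example a line beginning "5 " with r->status equal to 5). Writing it as `end != r->status_line + 3` expresses the same test and stays in bounds, because the earlier `strlen(r->status_line) <= 4` check has already guaranteed at least five characters. The block comment should also spell out the expected format (three-digit code equal to r->status, one space, then a reason phrase), since that is what the four conditions enforce together, and it may be worth a debug-level log entry where `r->status_line = NULL;` drops a value a handler set.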
return;
}
+ validate_status_line(r);
+
if (!r->status_line) {
r->status_line = status_lines[ap_index_of_response(r->status)];
}
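Review bot: The call to validate_status_line(r) sits after the early `return;` shown in the context, so any path that leaves through that return is never checked; please confirm that path sends no status line. A one-line comment above the call, noting that a rejected line is deliberately left NULL so the `if (!r->status_line)` fallback just below supplies the default, would make the pairing obvious to the next reader.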