Commit 5 on 6 to fix reentrance (incomplete Zlib header or validation bytes) in mod_d...

PR 46146 (patches from duplicated PR 55666)

Handle Zlib flags in the inflate input filter as in the output filter, using consume_zlib_flags().

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1572670 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/modules/filters/mod_deflate.c b/modules/filters/mod_deflate.c
index eed159b2301b37e5e1e2e13aa61f36650d0f21a8..a50bc48fc8279a2a95a1108b25abe4b8ad05fc8c 100644 (file)
--- a/modules/filters/mod_deflate.c
+++ b/modules/filters/mod_deflate.c
@@ -1087,10 +1087,10 @@ static apr_status_t deflate_in_filter(ap_filter_t *f,
             return APR_EGENERAL;
         }
 
-        /* We can't handle flags for now. */
-        if (ctx->header[3] != 0) {
+        ctx->zlib_flags = ctx->header[3];
+        if ((ctx->zlib_flags & RESERVED)) {
             ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(01388)
-                          "Zlib: Unsupported flags %02x", (int)ctx->header[3]);
+                          "Zlib: Invalid flags %02x", ctx->zlib_flags);
             return APR_EGENERAL;
         }
 
@@ -1188,6 +1188,16 @@ static apr_status_t deflate_in_filter(ap_filter_t *f,
             /* read */
             apr_bucket_read(bkt, &data, &len, APR_BLOCK_READ);
 
+            if (ctx->zlib_flags) {
+                rv = consume_zlib_flags(ctx, &data, &len);
+                if (rv == APR_SUCCESS) {
+                    ctx->zlib_flags = 0;
+                }
+                if (rv == APR_INCOMPLETE || !len) {
+                    continue;
+                }
+            }
+
             /* pass through zlib inflate. */
             ctx->stream.next_in = (unsigned char *)data;
             ctx->stream.avail_in = len;