From: Paul J. Reder Date: Tue, 15 Jul 2003 21:41:18 +0000 (+0000) Subject: Update the header token parsing code to allow LWS between the X-Git-Tag: 2.0.48~213 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bef3cdea219878c73bb89f368be7c3fb2563b265;p=thirdparty%2Fapache%2Fhttpd.git Update the header token parsing code to allow LWS between the token word and the ':' seperator. [PR 16520] [submitted: Kris Verbeeck and Nicel KM ] [Reviewed: and Paul J. Reder] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/APACHE_2_0_BRANCH@100641 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index 25d73509123..9865c580b0d 100644 --- a/CHANGES +++ b/CHANGES @@ -1,5 +1,12 @@ Changes with Apache 2.0.48 + *) Update the header token parsing code to allow LWS between the + token word and the ':' seperator. [PR 16520] + [submitted: Kris Verbeeck and + Nicel KM ] + [Reviewed: and + Paul J. Reder] + *) Eliminate creation of a temporary table in ap_get_mime_headers_core() Submitted by: Joe Schaefer Reviewed by: Brian Pane diff --git a/STATUS b/STATUS index e8038b6c6b9..4e129faa819 100644 --- a/STATUS +++ b/STATUS @@ -1,5 +1,5 @@ APACHE 2.0 STATUS: -*-text-*- -Last modified at [$Date: 2003/07/15 21:03:13 $] +Last modified at [$Date: 2003/07/15 21:41:17 $] Release: @@ -73,16 +73,6 @@ PATCHES TO PORT FROM 2.1 http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/mappers/mod_rewrite.c.diff?r1=1.156&r2=1.157 +1: rederpj, nd (besides my further comments on dev@) - * ap_get_mime_headers_core(): Remove LWS between header token and ':' - delimeter. (2616 compliance) - server/protocol.c: r1.133 - http://cvs.apache.org/viewcvs.cgi/httpd-2.0/server/protocol.c.diff?r1=1.132&r2=1.133 - http://cvs.apache.org/viewcvs.cgi/httpd-2.0/server/protocol.c.diff?r1=1.133&r2=1.134 - http://cvs.apache.org/viewcvs.cgi/httpd-2.0/server/protocol.c.diff?r1=1.134&r2=1.135 - +1: rederpj, nd (though I think it's actually a bad request, being lenient - is probably the best here), trawick (prefer style changes in - r1.135 to be committed at same time), jim - * Replace some of the mutex locking in the worker MPM with atomic operations for higher concurrency. server/mpm/worker/fdqueue.c 1.24, 1.25 diff --git a/server/protocol.c b/server/protocol.c index b2af023acd7..13604371577 100644 --- a/server/protocol.c +++ b/server/protocol.c @@ -705,6 +705,7 @@ AP_DECLARE(void) ap_get_mime_headers_core(request_rec *r, apr_bucket_brigade *bb char *value; apr_size_t len; int fields_read = 0; + char *tmp_field; /* * Read header lines until we get the empty separator line, a read error, @@ -789,17 +790,35 @@ AP_DECLARE(void) ap_get_mime_headers_core(request_rec *r, apr_bucket_brigade *bb } *value = '\0'; + tmp_field = value; /* used to trim the whitespace between key + * token and separator + */ ++value; while (*value == ' ' || *value == '\t') { ++value; /* Skip to start of value */ } - apr_table_addn(r->headers_in, last_field, value); + /* This check is to avoid any invalid memory reference while + * traversing backwards in the key. To avoid a case where + * the header starts with ':' (or with just some white + * space and the ':') followed by the value + */ + if (tmp_field > last_field) { + --tmp_field; + while ((tmp_field > last_field) && + (*tmp_field == ' ' || *tmp_field == '\t')) { + --tmp_field; /* Removing LWS between key and ':' */ + } + ++tmp_field; + *tmp_field = '\0'; + } + apr_table_addn(r->headers_in, last_field, value); + /* reset the alloc_len so that we'll allocate a new * buffer if we have to do any more folding: we can't * use the previous buffer because its contents are - * now part of tmp_headers + * now part of r->headers_in */ alloc_len = 0;