mod_isapi: Do not unload an isapi .dll module until the request
processing is completed, avoiding orphaned callback pointers.
Submitted by: Brett Gervasoni <brettg senseofsecurity.com>, trawick
Reviewed by: trawick, wrowe
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@917870
13f79535-47bb-0310-9956-
ffa450edef68
- -*- coding: utf-8 -*-
+ -*- coding: utf-8 -*-
Changes with Apache 2.3.7
+ *) SECURITY: CVE-2010-0425 (cve.mitre.org)
+ mod_isapi: Do not unload an isapi .dll module until the request
+ processing is completed, avoiding orphaned callback pointers.
+ [Brett Gervasoni <brettg senseofsecurity.com>, Jeff Trawick]
+
*) support/rotatelogs: Add -L option to create a link to the current
log file. PR 48761 [<lyndon orthanc.ca>, Dan Poirier]
/* Set up client input */
res = ap_setup_client_block(r, REQUEST_CHUNKED_ERROR);
if (res) {
- isapi_unload(isa, 0);
return res;
}
}
if (res < 0) {
- isapi_unload(isa, 0);
return HTTP_INTERNAL_SERVER_ERROR;
}