1 /* ====================================================================
2 * The Apache Software License, Version 1.1
4 * Copyright (c) 2000-2001 The Apache Software Foundation. All rights
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
19 * 3. The end-user documentation included with the redistribution,
20 * if any, must include the following acknowledgment:
21 * "This product includes software developed by the
22 * Apache Software Foundation (http://www.apache.org/)."
23 * Alternately, this acknowledgment may appear in the software itself,
24 * if and wherever such third-party acknowledgments normally appear.
26 * 4. The names "Apache" and "Apache Software Foundation" must
27 * not be used to endorse or promote products derived from this
28 * software without prior written permission. For written
29 * permission, please contact apache@apache.org.
31 * 5. Products derived from this software may not be called "Apache",
32 * nor may "Apache" appear in their name, without prior written
33 * permission of the Apache Software Foundation.
35 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
36 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
37 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
38 * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
39 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
41 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
42 * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
43 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
44 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
45 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
47 * ====================================================================
49 * This software consists of voluntary contributions made by many
50 * individuals on behalf of the Apache Software Foundation. For more
51 * information on the Apache Software Foundation, please see
52 * <http://www.apache.org/>.
58 #include "http_protocol.h"
60 #include "http_core.h"
65 #define READ_BLOCKSIZE 2048 /* used for reading input blocks */
68 AP_DECLARE(int) ap_xml_parse_input(request_rec * r, apr_xml_doc **pdoc)
70 apr_xml_parser *parser;
75 if ((result = ap_setup_client_block(r, REQUEST_CHUNKED_DECHUNK)) != OK)
78 if (r->remaining == 0) {
83 parser = apr_xml_parser_create(r->pool);
85 if (ap_should_client_block(r)) {
88 apr_size_t total_read = 0;
89 apr_size_t limit_xml_body = ap_get_limit_xml_body(r);
91 /* allocate our working buffer */
92 buffer = apr_palloc(r->pool, READ_BLOCKSIZE);
94 /* read the body, stuffing it into the parser */
95 while ((len = ap_get_client_block(r, buffer, READ_BLOCKSIZE)) > 0) {
97 if (limit_xml_body && total_read > limit_xml_body) {
98 ap_log_rerror(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r,
99 "XML request body is larger than the configured "
100 "limit of %lu", (unsigned long)limit_xml_body);
104 status = apr_xml_parser_feed(parser, buffer, len);
109 /* ap_get_client_block() has logged an error */
114 /* tell the parser that we're done */
115 status = apr_xml_parser_done(parser, pdoc);
117 ap_log_rerror(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r,
118 "XML parser error (at end). status=%d", status);
119 return HTTP_BAD_REQUEST;
125 (void) apr_xml_parser_geterror(parser, errbuf, sizeof(errbuf));
126 ap_log_rerror(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r,
132 /* make sure the parser is terminated */
133 (void) apr_xml_parser_done(parser, NULL);
135 /* Apache will supply a default error, plus the error log above. */
136 return HTTP_BAD_REQUEST;