granicus.if.org Git - apache/commit
Fix closing the back end connection in case of error.
author Rainer Jung <rjung@apache.org>
Fri, 17 Aug 2012 14:54:18 +0000 (14:54 +0000)
committer Rainer Jung <rjung@apache.org>
Fri, 17 Aug 2012 14:54:18 +0000 (14:54 +0000)
commit 91639c2229beb4152f2bff6602aa1e46e97865ed
tree bac738bf85a3d7495e799f2b7318dae1ffb2bfda
parent 95aac9f440dddb75caddf1d0ad97e5c06cf182b8
Fix closing the back end connection in case of error.
The field "closed" was changed from an int to a bit
field of size one in 2.4.x.
For historical reasons a close instruction was coded
as an increment on the field, which in 2.4.x flips
the field each time. There were multiple code paths
that would flip it several times for a single error,
so effectively the connection was no longer closed
in these cases.

Especially in the case of an aborted client connection
this led to a non consumed back end buffer and thus to
response mixup between users.

PR 53727

CVE-2012-3052

Backport of r1373955 from trunk.

Submitted by: rjung
Reviewed by: jim, trawick

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1374297 13f79535-47bb-0310-9956-ffa450edef68
STATUS
modules/proxy/mod_proxy_ajp.c
modules/proxy/mod_proxy_http.c
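
The flip described in the commit message can be reproduced in isolation. The following is an added example, not code from the commit or from httpd: the struct and function names are hypothetical, only the field name "closed" is taken from the message, and the idempotent assignment shown last is an assumed way of expressing a close request, not necessarily the change the commit made.

```c
#include <stdio.h>

/* Hypothetical stand-ins for the connection record; only the member
 * name "closed" comes from the commit message. */
struct conn_int { int closed; };             /* older layout: plain int     */
struct conn_bit { unsigned int closed : 1; };/* 2.4.x layout: one-bit field */

/* n close requests coded as increments on an int: any n >= 1 leaves the
 * field non-zero, so the connection is treated as closed. */
static int closed_after_increments_int(int n)
{
    struct conn_int c = { 0 };
    for (int i = 0; i < n; i++)
        c.closed++;
    return c.closed != 0;
}

/* The same requests on an unsigned one-bit field: each increment is
 * reduced modulo 2, so an even number of requests leaves the field at 0
 * and the connection is treated as still open. */
static int closed_after_increments_bit(int n)
{
    struct conn_bit c = { 0 };
    for (int i = 0; i < n; i++)
        c.closed++;
    return c.closed != 0;
}

/* Idempotent form (assumption, see lead-in): assigning 1 gives the same
 * result no matter how many code paths request the close. */
static int closed_after_assignments_bit(int n)
{
    struct conn_bit c = { 0 };
    for (int i = 0; i < n; i++)
        c.closed = 1;
    return c.closed != 0;
}

int main(void)
{
    puts("requests  int++  bit++  bit=1");
    for (int n = 1; n <= 4; n++)
        printf("%8d  %5d  %5d  %5d\n", n,
               closed_after_increments_int(n),
               closed_after_increments_bit(n),
               closed_after_assignments_bit(n));
    return 0;
}
```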