* modules/http/http_protocol.c (ap_setup_client_block,

ap_http_filter): Use new apr_strtoff() to support request bodies as
large as apr_off_t allows (rather than as large as 'long' allows), and
simplify error handling.

PR: 27866

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@103756 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/modules/http/http_protocol.c b/modules/http/http_protocol.c
index bbd15dcbca4b9a5f40093ad07b57166437e3aa92..a8ffa871734e1e342f79bac1de8f9045c7f099e3 100644 (file)
--- a/modules/http/http_protocol.c
+++ b/modules/http/http_protocol.c
@@ -764,25 +764,19 @@ apr_status_t ap_http_filter(ap_filter_t *f, apr_bucket_brigade *b,
             }
         }
         else if (lenp) {
-            int conversion_error = 0;
             char *endstr;
 
             ctx->state = BODY_LENGTH;
             errno = 0;
-            ctx->remaining = strtol(lenp, &endstr, 10);        /* we depend on ANSI */
-
-            /* This protects us from over/underflow (the errno check),
-             * non-digit chars in the string (excluding leading space)
-             * (the endstr checks) and a negative number. Depending
-             * on the strtol implementation, the errno check may also
-             * trigger on an all whitespace string */
-            if (errno || (endstr && *endstr) || (ctx->remaining < 0)) {
-                 conversion_error = 1; 
-            }
-
-            if (conversion_error) {
+            
+            /* Protects against over/underflow, non-digit chars in the
+             * string (excluding leading space) (the endstr checks)
+             * and a negative number. */
+            if (apr_strtoff(&ctx->remaining, lenp, &endstr, 10)
+                || *endstr || ctx->remaining < 0) {
                 apr_bucket_brigade *bb;
 
+                ctx->remaining = 0;
                 ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, f->r,
                               "Invalid Content-Length");
 
@@ -1766,18 +1760,11 @@ AP_DECLARE(int) ap_setup_client_block(request_rec *r, int read_policy)
         r->read_chunked = 1;
     }
     else if (lenp) {
-        int conversion_error = 0;
         char *endstr;
 
-        errno = 0;
-        r->remaining = strtol(lenp, &endstr, 10); /* depend on ANSI */
-
-        /* See comments in ap_http_filter() */
-        if (errno || (endstr && *endstr) || (r->remaining < 0)) {
-            conversion_error = 1; 
-        }
-
-        if (conversion_error) {
+        if (apr_strtoff(&r->remaining, lenp, &endstr, 10)
+            || *endstr || r->remaining < 0) {
+            r->remaining = 0;
             ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
                           "Invalid Content-Length");
             return HTTP_BAD_REQUEST;