Kill off edge case in mod_deflate where data may be sent before headers

are determined.
PR 49369 - Matthew Steele

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@950302 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index 0096b4cc30b5aa61a703f140725302adf69455bb..05fc9577b40edc13fa309b7ed9ee8724369f9128 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -28,6 +28,9 @@ Changes with Apache 2.3.7
      processing is completed, avoiding orphaned callback pointers.
      [Brett Gervasoni <brettg senseofsecurity.com>, Jeff Trawick]
 
+  *) mod_deflate: avoid the risk of forwarding data before headers are set.
+     PR 49369 [Matthew Steele <mdsteele google.com>]
+
   *) mod_authnz_ldap: Ensure nested groups are checked when the 
      top-level group doesn't have any direct non-group members
      of attributes in AuthLDAPGroupAttribute. [Eric Covener]

diff --git a/modules/filters/mod_deflate.c b/modules/filters/mod_deflate.c
index 30c620d3380dbcc3a976205c4dc62e15491727eb..4ea0a48cc90add610a69592355cd4f1d45788a73 100644 (file)
--- a/modules/filters/mod_deflate.c
+++ b/modules/filters/mod_deflate.c
@@ -429,7 +429,7 @@ static apr_status_t deflate_out_filter(ap_filter_t *f,
 
     /* Do nothing if asked to filter nothing. */
     if (APR_BRIGADE_EMPTY(bb)) {
-        return ap_pass_brigade(f->next, bb);
+        return APR_SUCCESS;
     }
 
     c = ap_get_module_config(r->server->module_config,
@@ -1047,7 +1047,7 @@ static apr_status_t inflate_out_filter(ap_filter_t *f,
 
     /* Do nothing if asked to filter nothing. */
     if (APR_BRIGADE_EMPTY(bb)) {
-        return ap_pass_brigade(f->next, bb);
+        return APR_SUCCESS;
     }
 
     c = ap_get_module_config(r->server->module_config, &deflate_module);