This fixes a failed assert when r->remaining is left in a negative

state and we hit some other error (like permission failure) causing
an internal redirect causing us to reevaluate the input buffers
(for discarding the request body).

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@95419 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/modules/http/http_protocol.c b/modules/http/http_protocol.c
index 84ceb211e4de40fd59baf0305a7bedac265e8f3f..935fc0b9d84e1e3ec23df047fabade59140b3548 100644 (file)
--- a/modules/http/http_protocol.c
+++ b/modules/http/http_protocol.c
@@ -877,6 +877,8 @@ apr_status_t ap_http_filter(ap_filter_t *f, apr_bucket_brigade *b,
             ctx->remaining = get_chunk_size(line);
             /* Detect chunksize error (such as overflow) */
             if (ctx->remaining < 0) {
+                ctx->remaining = 0; /* Reset it in case we have to
+                                     * come back here later */
                 apr_brigade_cleanup(bb);
                 e = ap_bucket_error_create(HTTP_REQUEST_ENTITY_TOO_LARGE, NULL,
                                            f->r->pool,
@@ -934,6 +936,8 @@ apr_status_t ap_http_filter(ap_filter_t *f, apr_bucket_brigade *b,
 
                 /* Detect chunksize error (such as overflow) */
                 if (ctx->remaining < 0) {
+                    ctx->remaining = 0; /* Reset it in case we have to
+                                         * come back here later */
                     apr_brigade_cleanup(bb);
                     e = ap_bucket_error_create(HTTP_REQUEST_ENTITY_TOO_LARGE,
                                                NULL, f->r->pool,