PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- *) mod_dav: Fix a potential cause of unbounded memory usage or incorrect
- behavior in a routine that sends <DAV:response>'s to the output filters.
- trunk patch: http://svn.apache.org/r1764040
- 2.4.x patch: trunk works (modulo CHANGES)
- Note: this patch changes the signature of the existing mod_dav's public
- API, dav_send_one_response(), because this API is not yet a part of any
- 2.4.x release (it was backported to 2.4.x in r1756561). So, the change
- should either go to the upcoming 2.4.24, or should be reworked in case
- 2.4.24 is released without it. See the thread at
- https://mail-archives.apache.org/mod_mbox/httpd-dev/201608.mbox/%3C20160822151917.GA22369%40redhat.com%3E
- for additional details.
- +1: kotkov, jorton, jim
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ New proposals should be added at the end of the list ]
/* Write a complete RESPONSE object out as a <DAV:repsonse> xml
element. Data is sent into brigade BB, which is auto-flushed into
- OUTPUT filter stack. Use POOL for any temporary allocations.
+ the output filter stack for request R. Use POOL for any temporary
+ allocations.
[Presumably the <multistatus> tag has already been written; this
routine is shared by dav_send_multistatus and dav_stream_response.]
*/
DAV_DECLARE(void) dav_send_one_response(dav_response *response,
apr_bucket_brigade *bb,
- ap_filter_t *output,
+ request_rec *r,
apr_pool_t *pool)
{
apr_text *t = NULL;
if (response->propresult.xmlns == NULL) {
- ap_fputs(output, bb, "<D:response>");
+ ap_fputs(r->output_filters, bb, "<D:response>");
}
else {
- ap_fputs(output, bb, "<D:response");
+ ap_fputs(r->output_filters, bb, "<D:response");
for (t = response->propresult.xmlns; t; t = t->next) {
- ap_fputs(output, bb, t->text);
+ ap_fputs(r->output_filters, bb, t->text);
}
- ap_fputc(output, bb, '>');
+ ap_fputc(r->output_filters, bb, '>');
}
- ap_fputstrs(output, bb,
+ ap_fputstrs(r->output_filters, bb,
DEBUG_CR "<D:href>",
dav_xml_escape_uri(pool, response->href),
"</D:href>" DEBUG_CR,
* default to 500 Internal Server Error if first->status
* is not a known (or valid) status code.
*/
- ap_fputstrs(output, bb,
+ ap_fputstrs(r->output_filters, bb,
"<D:status>HTTP/1.1 ",
ap_get_status_line(response->status),
"</D:status>" DEBUG_CR,
else {
/* assume this includes <propstat> and is quoted properly */
for (t = response->propresult.propstats; t; t = t->next) {
- ap_fputs(output, bb, t->text);
+ ap_fputs(r->output_filters, bb, t->text);
}
}
* We supply the description, so we know it doesn't have to
* have any escaping/encoding applied to it.
*/
- ap_fputstrs(output, bb,
+ ap_fputstrs(r->output_filters, bb,
"<D:responsedescription>",
response->desc,
"</D:responsedescription>" DEBUG_CR,
NULL);
}
- ap_fputs(output, bb, "</D:response>" DEBUG_CR);
+ ap_fputs(r->output_filters, bb, "</D:response>" DEBUG_CR);
}
for (; first != NULL; first = first->next) {
apr_pool_clear(subpool);
- dav_send_one_response(first, bb, r->output_filters, subpool);
+ dav_send_one_response(first, bb, r, subpool);
}
apr_pool_destroy(subpool);
resp.propresult = *propstats;
}
- dav_send_one_response(&resp, ctx->bb, ctx->r->output_filters, pool);
+ dav_send_one_response(&resp, ctx->bb, ctx->r, pool);
}
projects / apache / commitdiff