From: Paul J. Reder Date: Mon, 1 Mar 2004 21:40:44 +0000 (+0000) Subject: *) Remove compile-time length limit on request strings. Length is X-Git-Tag: pre_ajp_proxy~591 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=38d03c5274fb4e01a14cf93af29a3dbcd7371d55;p=apache *) Remove compile-time length limit on request strings. Length is now enforced solely with the LimitRequestLine config directive. [Paul J. Reder] git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@102840 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index b2c45c755c..4303045573 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,10 @@ Changes with Apache 2.1.0-dev [Remove entries to the current 2.0 section below, when backported] + *) Remove compile-time length limit on request strings. Length is + now enforced solely with the LimitRequestLine config directive. + [Paul J. Reder] + *) mod_ssl: Send the Close Alert message to the peer before closing the SSL session. [Madhusudan Mathihalli, Joe Orton] diff --git a/server/core.c b/server/core.c index 80e900139b..c6d243a3a7 100644 --- a/server/core.c +++ b/server/core.c @@ -2437,12 +2437,6 @@ static const char *set_limit_req_line(cmd_parms *cmd, void *dummy, "\" must be a non-negative integer", NULL); } - if (lim > DEFAULT_LIMIT_REQUEST_LINE) { - return apr_psprintf(cmd->temp_pool, "LimitRequestLine \"%s\" " - "must not exceed the precompiled maximum of %d", - arg, DEFAULT_LIMIT_REQUEST_LINE); - } - cmd->server->limit_req_line = lim; return NULL; } diff --git a/server/protocol.c b/server/protocol.c index 5da65f977c..be69a227ce 100644 --- a/server/protocol.c +++ b/server/protocol.c @@ -577,11 +577,22 @@ static int read_request_line(request_rec *r, apr_bucket_brigade *bb) * if there are empty lines */ r->the_request = NULL; - rv = ap_rgetline(&(r->the_request), DEFAULT_LIMIT_REQUEST_LINE + 2, + rv = ap_rgetline(&(r->the_request), (apr_size_t)(r->server->limit_req_line + 2), &len, r, 0, bb); if (rv != APR_SUCCESS) { r->request_time = apr_time_now(); + + /* ap_rgetline returns APR_ENOSPC if it fills up the + * buffer before finding the end-of-line. This is only going to + * happen if it exceeds the configured limit for a request-line. + */ + if (rv == APR_ENOSPC) { + r->status = HTTP_REQUEST_URI_TOO_LARGE; + r->proto_num = HTTP_VERSION(1,0); + r->protocol = apr_pstrdup(r->pool, "HTTP/1.0"); + } + return 0; } } while ((len <= 0) && (++num_blank_lines < max_blank_lines)); @@ -611,18 +622,6 @@ static int read_request_line(request_rec *r, apr_bucket_brigade *bb) ap_parse_uri(r, uri); - /* ap_getline returns (size of max buffer - 1) if it fills up the - * buffer before finding the end-of-line. This is only going to - * happen if it exceeds the configured limit for a request-line. - * The cast is safe, limit_req_line cannot be negative - */ - if (len > (apr_size_t)r->server->limit_req_line) { - r->status = HTTP_REQUEST_URI_TOO_LARGE; - r->proto_num = HTTP_VERSION(1,0); - r->protocol = apr_pstrdup(r->pool, "HTTP/1.0"); - return 0; - } - if (ll[0]) { r->assbackwards = 0; pro = ll; @@ -856,7 +855,7 @@ request_rec *ap_read_request(conn_rec *conn) if (!read_request_line(r, tmp_bb)) { if (r->status == HTTP_REQUEST_URI_TOO_LARGE) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, - "request failed: URI too long"); + "request failed: URI too long (longer than %d)", r->server->limit_req_line); ap_send_error_response(r, 0); ap_update_child_status(conn->sbh, SERVER_BUSY_LOG, r); ap_run_log_transaction(r);