From: Stefan Eissing <icing@apache.org>
Date: Wed, 1 Feb 2017 20:40:38 +0000 (+0000)
Subject: On the trunk:
X-Git-Tag: 2.5.0-alpha~714
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=832cbdb76ae5ff8709a910c25684c0d8cf3ddaef;p=apache

On the trunk:

mod_http2: fix for crash when running out of memory. Initial patch by Robert Swiecki <robert@swiecki.net>
CVEID: CVE-2017-7659


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1781304 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index 0e0806af7f..ac9e7ac7a0 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.0
 
+  *) mod_http2: fix for crash when running out of memory.
+     [Robert Swiecki <robert@swiecki.net>, Stefan Eissing]
+     
   *) mod_ssl: work around leaks on (graceful) restart. [Yann Ylavic]
 
   *) When using mod_status with the Event MPM, report the number of requests
diff --git a/modules/http2/h2_stream.c b/modules/http2/h2_stream.c
index 0a82e510bc..7efa0bf063 100644
--- a/modules/http2/h2_stream.c
+++ b/modules/http2/h2_stream.c
@@ -262,11 +262,13 @@ apr_status_t h2_stream_set_request_rec(h2_stream *stream, request_rec *r)
         return APR_ECONNRESET;
     }
     status = h2_request_rcreate(&req, stream->pool, r);
-    ap_log_rerror(APLOG_MARK, APLOG_DEBUG, status, r, APLOGNO(03058)
-                  "h2_request(%d): set_request_rec %s host=%s://%s%s",
-                  stream->id, req->method, req->scheme, req->authority, 
-                  req->path);
-    stream->rtmp = req;
+    if (status == APR_SUCCESS) {
+        ap_log_rerror(APLOG_MARK, APLOG_DEBUG, status, r, APLOGNO(03058)
+                      "h2_request(%d): set_request_rec %s host=%s://%s%s",
+                      stream->id, req->method, req->scheme, req->authority, 
+                      req->path);
+        stream->rtmp = req;
+    }
     return status;
 }