From: Jeff Trawick Date: Tue, 5 Feb 2002 22:56:44 +0000 (+0000) Subject: In core_input_filter, check for an empty brigade after X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=9b1549a14590494520975456cb849baf954f4821;p=apache In core_input_filter, check for an empty brigade after APR_BRIGADE_NORMALIZE(). Otherwise, we can get segfaults if a client says it will post some data but we get FIN before any data arrives. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@93262 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index ea16d93377..67afb2ae3f 100644 --- a/CHANGES +++ b/CHANGES @@ -1,5 +1,10 @@ Changes with Apache 2.0.32-dev + *) In core_input_filter, check for an empty brigade after + APR_BRIGADE_NORMALIZE(). Otherwise, we can get segfaults if a + client says it will post some data but we get FIN before any + data arrives. [Jeff Trawick] + *) Not being able to bind to the socket is a fatal error. We should print an error to the console, and return a non-zero status code. With these changes, all of the Unix MPMs do that correctly. diff --git a/server/core.c b/server/core.c index 844900a361..14c7654c04 100644 --- a/server/core.c +++ b/server/core.c @@ -3058,14 +3058,16 @@ static int core_input_filter(ap_filter_t *f, apr_bucket_brigade *b, APR_BRIGADE_INSERT_TAIL(ctx->b, e); net->in_ctx = ctx; } - else if (APR_BRIGADE_EMPTY(ctx->b)) { - /* hit EOF on socket already */ - return APR_EOF; - } /* ### This is bad. */ APR_BRIGADE_NORMALIZE(ctx->b); + /* check for empty brigade *AFTER* APR_BRIGADE_NORMALIZE() */ + if (APR_BRIGADE_EMPTY(ctx->b)) { + /* hit EOF on socket already */ + return APR_EOF; + } + /* ### AP_MODE_PEEK is a horrific name for this mode because we also * eat any CRLFs that we see. That's not the obvious intention of * this mode. Determine whether anyone actually uses this or not. */