From 705d42f5f656fbcf715b51079c2d2e11885d7b85 Mon Sep 17 00:00:00 2001 From: "William A. Rowe Jr" Date: Wed, 10 Aug 2016 13:39:35 +0000 Subject: [PATCH] Follow on to r1755264, for the case of merged header length exceptions, and ensure the field header name is truncated to a sane log width. Stop reflecting irrelevant data to the request error notes, particularly for abusive and malformed traffic the non-technical consumer of a user-agent has no control over. Simply take note where the administrator-configured limits have been exceeded, that administrator can find details in the error log if desired. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1755744 13f79535-47bb-0310-9956-ffa450edef68 --- server/protocol.c | 31 ++++++++++++++----------------- 1 file changed, 14 insertions(+), 17 deletions(-) diff --git a/server/protocol.c b/server/protocol.c index 87357ab558..57efda9179 100644 --- a/server/protocol.c +++ b/server/protocol.c @@ -743,6 +743,16 @@ static int read_request_line(request_rec *r, apr_bucket_brigade *bb) return 1; } +/* get the length of the field name for logging, but no more than 80 bytes */ +#define LOG_NAME_MAX_LEN 80 +static int field_name_len(const char *field) +{ + const char *end = ap_strchr_c(field, ':'); + if (end == NULL || end - field > LOG_NAME_MAX_LEN) + return LOG_NAME_MAX_LEN; + return end - field; +} + static int table_do_fn_check_lengths(void *r_, const char *key, const char *value) { @@ -752,26 +762,13 @@ static int table_do_fn_check_lengths(void *r_, const char *key, r->status = HTTP_BAD_REQUEST; apr_table_setn(r->notes, "error-notes", - apr_pstrcat(r->pool, "Size of a request header field " - "after merging exceeds server limit.
" - "\n
\n",
-                               ap_escape_html(r->pool, key),
-                               "
\n", NULL)); - ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00560) "Request header " - "exceeds LimitRequestFieldSize after merging: %s", key); + "Size of a request header field exceeds server limit."); + ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, APLOGNO(00560) "Request " + "header exceeds LimitRequestFieldSize after merging: %.*s", + field_name_len(key), key); return 0; } -/* get the length of the field name for logging, but no more than 80 bytes */ -#define LOG_NAME_MAX_LEN 80 -static int field_name_len(const char *field) -{ - const char *end = ap_strchr_c(field, ':'); - if (end == NULL || end - field > LOG_NAME_MAX_LEN) - return LOG_NAME_MAX_LEN; - return end - field; -} - AP_DECLARE(void) ap_get_mime_headers_core(request_rec *r, apr_bucket_brigade *bb) { char *last_field = NULL; -- 2.50.1