From d06f6727387f27295d52844b68701c1acfd8d29b Mon Sep 17 00:00:00 2001 From: Jim Jagielski Date: Tue, 2 Dec 2014 12:47:22 +0000 Subject: [PATCH] Merge r1640040, r1640042 from trunk: mod_proxy_fcgi, mod_authnz_fcgi: stop reading the response and issue an error when parsing or forwarding the response fails. Follow up to r1640040: CHANGES entry. Submitted by: ylavic Reviewed/backported by: jim git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1642855 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 3 +++ STATUS | 8 -------- modules/aaa/mod_authnz_fcgi.c | 4 ++++ modules/proxy/mod_proxy_fcgi.c | 4 ++++ 4 files changed, 11 insertions(+), 8 deletions(-) diff --git a/CHANGES b/CHANGES index aeb37317d0..0c7b2a03e6 100644 --- a/CHANGES +++ b/CHANGES @@ -17,6 +17,9 @@ Changes with Apache 2.4.11 request headers earlier. Adds "MergeTrailers" directive to restore legacy behavior. [Edward Lu, Yann Ylavic, Joe Orton, Eric Covener] + *) mod_proxy_fcgi, mod_authnz_fcgi: stop reading the response and issue an + error when parsing or forwarding the response fails. [Yann Ylavic] + *) mod_ssl: Fix a memory leak in case of graceful restarts with OpenSSL >= 0.9.8e PR 53435 [tadanori , Sebastian Wiedenroth ] diff --git a/STATUS b/STATUS index c95a619975..accba2050f 100644 --- a/STATUS +++ b/STATUS @@ -137,14 +137,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK: 2.4.x patch: http://people.apache.org/~ylavic/httpd-2.4.x-mod_proxy_wstunnel-aborted.patch +1: ylavic, covener, jim - * mod_proxy_fcgi, mod_authnz_fcgi: stop reading the response and issue an error - when parsing or forwarding the response fails. - trunk patch: http://svn.apache.org/r1640040 - http://svn.apache.org/r1640042 - 2.4.x patch: trunk works (modulo CHANGES) - +1: ylavic, trawick, jim - - PATCHES PROPOSED TO BACKPORT FROM TRUNK: [ New proposals should be added at the end of the list ] diff --git a/modules/aaa/mod_authnz_fcgi.c b/modules/aaa/mod_authnz_fcgi.c index 401fa99507..51b15edd4a 100644 --- a/modules/aaa/mod_authnz_fcgi.c +++ b/modules/aaa/mod_authnz_fcgi.c @@ -642,6 +642,10 @@ static apr_status_t handle_response(const fcgi_provider_conf *conf, "%d", fn, type); break; } + /* Leave on above switch's inner error. */ + if (rv != APR_SUCCESS) { + break; + } /* * Read/discard any trailing padding. diff --git a/modules/proxy/mod_proxy_fcgi.c b/modules/proxy/mod_proxy_fcgi.c index 9f57035163..e35d6ccc7f 100644 --- a/modules/proxy/mod_proxy_fcgi.c +++ b/modules/proxy/mod_proxy_fcgi.c @@ -681,6 +681,10 @@ recv_again: "Got bogus record %d", type); break; } + /* Leave on above switch's inner error. */ + if (rv != APR_SUCCESS) { + break; + } if (plen) { rv = get_data_full(conn, iobuf, plen); -- 2.40.0