|
|
1eaa30 |
# ./pullrev.sh 1892413 1895552
|
|
|
1eaa30 |
|
|
|
1eaa30 |
https://bugzilla.redhat.com/show_bug.cgi?id=1938740
|
|
|
1eaa30 |
|
|
|
1eaa30 |
http://svn.apache.org/viewvc?view=revision&revision=1892413
|
|
|
1eaa30 |
http://svn.apache.org/viewvc?view=revision&revision=1895552
|
|
|
1eaa30 |
|
|
|
1eaa30 |
- also mod_cgi/mod_cgid log_flags fix from r1881559
|
|
|
1eaa30 |
|
|
|
1eaa30 |
--- httpd-2.4.51/modules/filters/mod_deflate.c.r1892413+
|
|
|
1eaa30 |
+++ httpd-2.4.51/modules/filters/mod_deflate.c
|
|
|
1eaa30 |
@@ -1275,44 +1275,46 @@
|
|
|
1eaa30 |
if (APR_BUCKET_IS_FLUSH(bkt)) {
|
|
|
1eaa30 |
apr_bucket *tmp_b;
|
|
|
1eaa30 |
|
|
|
1eaa30 |
- ctx->inflate_total += ctx->stream.avail_out;
|
|
|
1eaa30 |
- zRC = inflate(&(ctx->stream), Z_SYNC_FLUSH);
|
|
|
1eaa30 |
- ctx->inflate_total -= ctx->stream.avail_out;
|
|
|
1eaa30 |
- if (zRC != Z_OK) {
|
|
|
1eaa30 |
- inflateEnd(&ctx->stream);
|
|
|
1eaa30 |
- ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(01391)
|
|
|
1eaa30 |
- "Zlib error %d inflating data (%s)", zRC,
|
|
|
1eaa30 |
- ctx->stream.msg);
|
|
|
1eaa30 |
- return APR_EGENERAL;
|
|
|
1eaa30 |
- }
|
|
|
1eaa30 |
+ if (!ctx->done) {
|
|
|
1eaa30 |
+ ctx->inflate_total += ctx->stream.avail_out;
|
|
|
1eaa30 |
+ zRC = inflate(&(ctx->stream), Z_SYNC_FLUSH);
|
|
|
1eaa30 |
+ ctx->inflate_total -= ctx->stream.avail_out;
|
|
|
1eaa30 |
+ if (zRC != Z_OK) {
|
|
|
1eaa30 |
+ inflateEnd(&ctx->stream);
|
|
|
1eaa30 |
+ ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(01391)
|
|
|
1eaa30 |
+ "Zlib error %d inflating data (%s)", zRC,
|
|
|
1eaa30 |
+ ctx->stream.msg);
|
|
|
1eaa30 |
+ return APR_EGENERAL;
|
|
|
1eaa30 |
+ }
|
|
|
1eaa30 |
|
|
|
1eaa30 |
- if (inflate_limit && ctx->inflate_total > inflate_limit) {
|
|
|
1eaa30 |
- inflateEnd(&ctx->stream);
|
|
|
1eaa30 |
- ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(02647)
|
|
|
1eaa30 |
- "Inflated content length of %" APR_OFF_T_FMT
|
|
|
1eaa30 |
- " is larger than the configured limit"
|
|
|
1eaa30 |
- " of %" APR_OFF_T_FMT,
|
|
|
1eaa30 |
- ctx->inflate_total, inflate_limit);
|
|
|
1eaa30 |
- return APR_ENOSPC;
|
|
|
1eaa30 |
- }
|
|
|
1eaa30 |
+ if (inflate_limit && ctx->inflate_total > inflate_limit) {
|
|
|
1eaa30 |
+ inflateEnd(&ctx->stream);
|
|
|
1eaa30 |
+ ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(02647)
|
|
|
1eaa30 |
+ "Inflated content length of %" APR_OFF_T_FMT
|
|
|
1eaa30 |
+ " is larger than the configured limit"
|
|
|
1eaa30 |
+ " of %" APR_OFF_T_FMT,
|
|
|
1eaa30 |
+ ctx->inflate_total, inflate_limit);
|
|
|
1eaa30 |
+ return APR_ENOSPC;
|
|
|
1eaa30 |
+ }
|
|
|
1eaa30 |
|
|
|
1eaa30 |
- if (!check_ratio(r, ctx, dc)) {
|
|
|
1eaa30 |
- inflateEnd(&ctx->stream);
|
|
|
1eaa30 |
- ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(02805)
|
|
|
1eaa30 |
- "Inflated content ratio is larger than the "
|
|
|
1eaa30 |
- "configured limit %i by %i time(s)",
|
|
|
1eaa30 |
- dc->ratio_limit, dc->ratio_burst);
|
|
|
1eaa30 |
- return APR_EINVAL;
|
|
|
1eaa30 |
- }
|
|
|
1eaa30 |
+ if (!check_ratio(r, ctx, dc)) {
|
|
|
1eaa30 |
+ inflateEnd(&ctx->stream);
|
|
|
1eaa30 |
+ ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(02805)
|
|
|
1eaa30 |
+ "Inflated content ratio is larger than the "
|
|
|
1eaa30 |
+ "configured limit %i by %i time(s)",
|
|
|
1eaa30 |
+ dc->ratio_limit, dc->ratio_burst);
|
|
|
1eaa30 |
+ return APR_EINVAL;
|
|
|
1eaa30 |
+ }
|
|
|
1eaa30 |
|
|
|
1eaa30 |
- len = c->bufferSize - ctx->stream.avail_out;
|
|
|
1eaa30 |
- ctx->crc = crc32(ctx->crc, (const Bytef *)ctx->buffer, len);
|
|
|
1eaa30 |
- tmp_b = apr_bucket_heap_create((char *)ctx->buffer, len,
|
|
|
1eaa30 |
- NULL, f->c->bucket_alloc);
|
|
|
1eaa30 |
- APR_BRIGADE_INSERT_TAIL(ctx->proc_bb, tmp_b);
|
|
|
1eaa30 |
+ len = c->bufferSize - ctx->stream.avail_out;
|
|
|
1eaa30 |
+ ctx->crc = crc32(ctx->crc, (const Bytef *)ctx->buffer, len);
|
|
|
1eaa30 |
+ tmp_b = apr_bucket_heap_create((char *)ctx->buffer, len,
|
|
|
1eaa30 |
+ NULL, f->c->bucket_alloc);
|
|
|
1eaa30 |
+ APR_BRIGADE_INSERT_TAIL(ctx->proc_bb, tmp_b);
|
|
|
1eaa30 |
|
|
|
1eaa30 |
- ctx->stream.next_out = ctx->buffer;
|
|
|
1eaa30 |
- ctx->stream.avail_out = c->bufferSize;
|
|
|
1eaa30 |
+ ctx->stream.next_out = ctx->buffer;
|
|
|
1eaa30 |
+ ctx->stream.avail_out = c->bufferSize;
|
|
|
1eaa30 |
+ }
|
|
|
1eaa30 |
|
|
|
1eaa30 |
/* Flush everything so far in the returning brigade, but continue
|
|
|
1eaa30 |
* reading should EOS/more follow (don't lose them).
|
|
|
1eaa30 |
--- httpd-2.4.51/modules/generators/mod_cgi.c.r1892413+
|
|
|
1eaa30 |
+++ httpd-2.4.51/modules/generators/mod_cgi.c
|
|
|
1eaa30 |
@@ -191,11 +191,10 @@
|
|
|
1eaa30 |
apr_file_t *f = NULL;
|
|
|
1eaa30 |
apr_finfo_t finfo;
|
|
|
1eaa30 |
char time_str[APR_CTIME_LEN];
|
|
|
1eaa30 |
- int log_flags = rv ? APLOG_ERR : APLOG_ERR;
|
|
|
1eaa30 |
|
|
|
1eaa30 |
/* Intentional no APLOGNO */
|
|
|
1eaa30 |
/* Callee provides APLOGNO in error text */
|
|
|
1eaa30 |
- ap_log_rerror(APLOG_MARK, log_flags, rv, r,
|
|
|
1eaa30 |
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
|
|
|
1eaa30 |
"%s%s: %s", logno ? logno : "", error, r->filename);
|
|
|
1eaa30 |
|
|
|
1eaa30 |
/* XXX Very expensive mainline case! Open, then getfileinfo! */
|
|
|
1eaa30 |
--- httpd-2.4.51/modules/generators/mod_cgid.c.r1892413+
|
|
|
1eaa30 |
+++ httpd-2.4.51/modules/generators/mod_cgid.c
|
|
|
1eaa30 |
@@ -1190,11 +1190,10 @@
|
|
|
1eaa30 |
apr_file_t *f = NULL;
|
|
|
1eaa30 |
struct stat finfo;
|
|
|
1eaa30 |
char time_str[APR_CTIME_LEN];
|
|
|
1eaa30 |
- int log_flags = rv ? APLOG_ERR : APLOG_ERR;
|
|
|
1eaa30 |
|
|
|
1eaa30 |
/* Intentional no APLOGNO */
|
|
|
1eaa30 |
/* Callee provides APLOGNO in error text */
|
|
|
1eaa30 |
- ap_log_rerror(APLOG_MARK, log_flags, rv, r,
|
|
|
1eaa30 |
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r,
|
|
|
1eaa30 |
"%s: %s", error, r->filename);
|
|
|
1eaa30 |
|
|
|
1eaa30 |
/* XXX Very expensive mainline case! Open, then getfileinfo! */
|
|
|
1eaa30 |
--- httpd-2.4.51/server/mpm_unix.c.r1892413+
|
|
|
1eaa30 |
+++ httpd-2.4.51/server/mpm_unix.c
|
|
|
1eaa30 |
@@ -259,10 +259,12 @@
|
|
|
1eaa30 |
while (cur_extra) {
|
|
|
1eaa30 |
ap_generation_t old_gen;
|
|
|
1eaa30 |
extra_process_t *next = cur_extra->next;
|
|
|
1eaa30 |
+ pid_t pid = cur_extra->pid;
|
|
|
1eaa30 |
|
|
|
1eaa30 |
- if (reclaim_one_pid(cur_extra->pid, action_table[cur_action].action)) {
|
|
|
1eaa30 |
- if (ap_unregister_extra_mpm_process(cur_extra->pid, &old_gen) == 1) {
|
|
|
1eaa30 |
- mpm_callback(-1, cur_extra->pid, old_gen);
|
|
|
1eaa30 |
+ if (reclaim_one_pid(pid, action_table[cur_action].action)) {
|
|
|
1eaa30 |
+ if (ap_unregister_extra_mpm_process(pid, &old_gen) == 1) {
|
|
|
1eaa30 |
+ /* cur_extra dangling pointer from here. */
|
|
|
1eaa30 |
+ mpm_callback(-1, pid, old_gen);
|
|
|
1eaa30 |
}
|
|
|
1eaa30 |
else {
|
|
|
1eaa30 |
AP_DEBUG_ASSERT(1 == 0);
|
|
|
1eaa30 |
@@ -307,10 +309,12 @@
|
|
|
1eaa30 |
while (cur_extra) {
|
|
|
1eaa30 |
ap_generation_t old_gen;
|
|
|
1eaa30 |
extra_process_t *next = cur_extra->next;
|
|
|
1eaa30 |
+ pid_t pid = cur_extra->pid;
|
|
|
1eaa30 |
|
|
|
1eaa30 |
- if (reclaim_one_pid(cur_extra->pid, DO_NOTHING)) {
|
|
|
1eaa30 |
- if (ap_unregister_extra_mpm_process(cur_extra->pid, &old_gen) == 1) {
|
|
|
1eaa30 |
- mpm_callback(-1, cur_extra->pid, old_gen);
|
|
|
1eaa30 |
+ if (reclaim_one_pid(pid, DO_NOTHING)) {
|
|
|
1eaa30 |
+ if (ap_unregister_extra_mpm_process(pid, &old_gen) == 1) {
|
|
|
1eaa30 |
+ /* cur_extra dangling pointer from here. */
|
|
|
1eaa30 |
+ mpm_callback(-1, pid, old_gen);
|
|
|
1eaa30 |
}
|
|
|
1eaa30 |
else {
|
|
|
1eaa30 |
AP_DEBUG_ASSERT(1 == 0);
|