codesite-noreply at google
Oct 21, 2009, 4:53 AM
Post #1 of 2
(32 views)
Permalink
|
|
Issue 612 in cherokee: [patch] buggy request building in handler_proxy.c
|
|
Status: New
Owner: ----
New issue 612 by stefantalpalaru: [patch] buggy request building in
handler_proxy.c
http://code.google.com/p/cherokee/issues/detail?id=612
The bug is a logic error in computing the length of the incoming
X-Forwarded-For header.
First the XFF pointer is made to point at the beginning of the first
non-space char after ':' and then XFF_len is computed as the length of the
entire line instead of just (end - XFF) as it should be. The end result is
that at the point where the request for the server behind the proxy is
built (and the local IP is added to this header) more characters then
necessary are read (XFF + (end - begin)) and it usually just inserts an
invalid HTTP header, but in my case I got hit much harder because the
X-Forwarded-For header was the last one and for POST requests the bug
injected something that looked like a body (because it was following 2
CRLF) and thus all the POST requests were broken. Patch attached.
Attachments:
cherokee-fix-XFF-header-len.patch 360 bytes
--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings
_______________________________________________
Cherokee-dev mailing list
Cherokee-dev[at]lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev
|
