This is in http_protocol.c.....
{
- char field[DEFAULT_LIMIT_REQUEST_FIELDSIZE + 2]; /* getline's two extra */
+ char field[DEFAULT_LIMIT_REQUEST_FIELDSIZE + 2]; /* ap_getline's two extra */
conn_rec *c = r->connection;
char *value;
char *copy;
@@ -1071,7 +1087,7 @@
* Read header lines until we get the empty separator line, a read error,
* the connection closes (EOF), reach the server limit, or we timeout.
*/
- while ((len = getline(field, sizeof(field), c->client, 1)) > 0) {
+ while ((len = ap_getline(field, sizeof(field), c->client, 1)) > 0) {
if (r->server->limit_req_fields &&
(++fields_read > r->server->limit_req_fields)) {
@@ -1081,7 +1097,7 @@
"this server's limit.<P>\n");
return;
}
- /* getline returns (size of max buffer - 1) if it fills up the
+ /* ap_getline returns (size of max buffer - 1) if it fills up the
* buffer before finding the end-of-line. This is only going to
* happen if it exceeds the configured limit for a field size.
*/
@@ -1173,6 +1189,14 @@
ap_log_transaction(r);
return r;
}
+ else if (r->status == HTTP_BAD_REQUEST) {
+ ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r,
+ "request failed: erroneous characters after protocol string: %s",
+ ap_escape_logitem(r->pool, r->the_request));
+ ap_send_error_response(r, 0);
+ ap_log_transaction(r);
+ return r;
+ }
return NULL;
}
Code:
static void get_mime_headers(request_rec *r) {
- char field[DEFAULT_LIMIT_REQUEST_FIELDSIZE + 2]; /* getline's two extra */
+ char field[DEFAULT_LIMIT_REQUEST_FIELDSIZE + 2]; /* ap_getline's two extra */
conn_rec *c = r->connection;
char *value;
char *copy;
@@ -1071,7 +1087,7 @@
* Read header lines until we get the empty separator line, a read error,
* the connection closes (EOF), reach the server limit, or we timeout.
*/
- while ((len = getline(field, sizeof(field), c->client, 1)) > 0) {
+ while ((len = ap_getline(field, sizeof(field), c->client, 1)) > 0) {
if (r->server->limit_req_fields &&
(++fields_read > r->server->limit_req_fields)) {
@@ -1081,7 +1097,7 @@
"this server's limit.<P>\n");
return;
}
- /* getline returns (size of max buffer - 1) if it fills up the
+ /* ap_getline returns (size of max buffer - 1) if it fills up the
* buffer before finding the end-of-line. This is only going to
* happen if it exceeds the configured limit for a field size.
*/
@@ -1173,6 +1189,14 @@
ap_log_transaction(r);
return r;
}
+ else if (r->status == HTTP_BAD_REQUEST) {
+ ap_log_rerror(APLOG_MARK, APLOG_NOERRNO|APLOG_ERR, r,
+ "request failed: erroneous characters after protocol string: %s",
+ ap_escape_logitem(r->pool, r->the_request));
+ ap_send_error_response(r, 0);
+ ap_log_transaction(r);
+ return r;
+ }
return NULL;
}