summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--changes-entries/ajp_invalid_number_of_headers.txt2
-rw-r--r--modules/proxy/ajp_header.c9
2 files changed, 10 insertions, 1 deletions
diff --git a/changes-entries/ajp_invalid_number_of_headers.txt b/changes-entries/ajp_invalid_number_of_headers.txt
new file mode 100644
index 0000000000..8657304608
--- /dev/null
+++ b/changes-entries/ajp_invalid_number_of_headers.txt
@@ -0,0 +1,2 @@
+ *) mod_proxy_ajp: Report an error if the AJP backend sends an invalid number
+ of headers. [Ruediger Pluem]
diff --git a/modules/proxy/ajp_header.c b/modules/proxy/ajp_header.c
index b4dc47ccf5..a09a2e43a3 100644
--- a/modules/proxy/ajp_header.c
+++ b/modules/proxy/ajp_header.c
@@ -584,8 +584,15 @@ static apr_status_t ajp_unmarshal_response(ajp_msg_t *msg,
r->headers_out = save_table;
}
else {
- r->headers_out = NULL;
+ /*
+ * Reset headers, but not to NULL because things below the chain expect
+ * this to be non NULL e.g. the ap_content_length_filter.
+ */
+ r->headers_out = apr_table_make(r->pool, 1);
num_headers = 0;
+ ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10405)
+ "ajp_unmarshal_response: Bad number of headers");
+ return rc;
}
ap_log_rerror(APLOG_MARK, APLOG_TRACE4, 0, r,
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-02 09:19:04 +0100