From 74c097f0e1d9ffce5a74f5b99a2cbfc349b65ec6 Mon Sep 17 00:00:00 2001 From: Yann Ylavic Date: Tue, 7 Sep 2021 13:09:07 +0000 Subject: core: Initialize the request fields on read failure to avoid NULLs. * server/protocol.c(read_request_line): Set r->method_number to M_INVALID and r->{method,uri,unparsed_uri} to "-" when read fails, ap_parse_request_line() will never be called. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1893030 13f79535-47bb-0310-9956-ffa450edef68 --- changes-entries/init_request_on_read_failure.txt | 2 ++ server/protocol.c | 5 +++++ 2 files changed, 7 insertions(+) create mode 100644 changes-entries/init_request_on_read_failure.txt diff --git a/changes-entries/init_request_on_read_failure.txt b/changes-entries/init_request_on_read_failure.txt new file mode 100644 index 0000000000..c59bf89460 --- /dev/null +++ b/changes-entries/init_request_on_read_failure.txt @@ -0,0 +1,2 @@ + *) core: Initialize the request fields on read failure to avoid NULLs. + [Yann Ylavic] \ No newline at end of file diff --git a/server/protocol.c b/server/protocol.c index 276e490528..8d35247508 100644 --- a/server/protocol.c +++ b/server/protocol.c @@ -716,6 +716,11 @@ static int read_request_line(request_rec *r, apr_bucket_brigade *bb) if (rv != APR_SUCCESS) { r->request_time = apr_time_now(); + /* Fall through with an invalid (non NULL) request */ + r->method = "-"; + r->method_number = M_INVALID; + r->uri = r->unparsed_uri = apr_pstrdup(r->pool, "-"); + /* ap_rgetline returns APR_ENOSPC if it fills up the * buffer before finding the end-of-line. This is only going to * happen if it exceeds the configured limit for a request-line. -- cgit v1.2.3