* Return APR_EOF if request body is shorter than the length announced by the

client. PR: 33098 Submitted by: Stefan Fritsch <sf sfritsch.de> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@792409 13f79535-47bb-0310-9956-ffa450edef68
2025-08-20 16:09:55 +00:00 · 2009-07-09 06:28:54 +00:00
parent 65f63d24a8
commit 924367c210
2 changed files with 9 additions and 1 deletions
--- a/5
+++ b/5
@ -11,10 +11,13 @@ Changes with Apache 2.3.3
     mod_proxy_ajp: Avoid delivering content from a previous request which
     failed to send a request body. PR 46949 [Ruediger Pluem]

+  *) core: Return APR_EOF if request body is shorter than the length announced
+     by the client. PR 33098 [ Stefan Fritsch <sf sfritsch.de>]
+
  *) mod_suexec: correctly set suexec_enabled when httpd is run by a
     non-root user and may have insufficient permissions.
     PR 42175 [Jim Radford <radford blackbean.org>]
- 
+
  *) mod_ssl: Fix SSL_*_DN_UID variables to use the 'userID' attribute
     type.  PR 45107.  [Michael Ströder <michael stroeder.com>,
     Peter Sylvester <peter.sylvester edelweb.fr>]
--- a/modules/http/http_filters.c
+++ b/modules/http/http_filters.c
@ -524,6 +524,11 @@ apr_status_t ap_http_filter(ap_filter_t *f, apr_bucket_brigade *b,

    if (ctx->state != BODY_NONE) {
        ctx->remaining -= totalread;
+        if (ctx->remaining > 0) {
+            e = APR_BRIGADE_LAST(b);
+            if (APR_BUCKET_IS_EOS(e))
+                return APR_EOF;
+        }
    }

    /* If we have no more bytes remaining on a C-L request,