From 923974e191bcfae8a714c666e7ba75566c72aeb3 Mon Sep 17 00:00:00 2001
From: Joe Orton
Date: Tue, 12 Oct 2021 14:01:48 +0100
Subject: [PATCH] - mod_deflate/core: add two brigade handling correctness fixes
---
httpd-2.4.51-r1894150.patch | 17 +++++++++++++++++
httpd-2.4.51-r1894152.patch | 36 ++++++++++++++++++++++++++++++++++++
httpd.spec | 5 +++++
3 files changed, 58 insertions(+)
create mode 100644 httpd-2.4.51-r1894150.patch
create mode 100644 httpd-2.4.51-r1894152.patch
diff --git a/httpd-2.4.51-r1894150.patch b/httpd-2.4.51-r1894150.patch
new file mode 100644
index 0000000..c8acff9
--- /dev/null
+++ b/httpd-2.4.51-r1894150.patch
@@ -0,0 +1,17 @@
+# ./pullrev.sh 1894150
+http://svn.apache.org/viewvc?view=revision&revision=1894150
+
+--- httpd-2.4.51/server/util_filter.c
++++ httpd-2.4.51/server/util_filter.c
+@@ -565,8 +565,9 @@
+ apr_bucket_brigade *bb)
+ {
+ if (next) {
+- apr_bucket *e;
+- if ((e = APR_BRIGADE_LAST(bb)) && APR_BUCKET_IS_EOS(e) && next->r) {
++ apr_bucket *e = APR_BRIGADE_LAST(bb);
++
++ if (e != APR_BRIGADE_SENTINEL(bb) && APR_BUCKET_IS_EOS(e) && next->r) {
+ /* This is only safe because HTTP_HEADER filter is always in
+ * the filter stack. This ensures that there is ALWAYS a
+ * request-based filter that we can attach this to. If the
diff --git a/httpd-2.4.51-r1894152.patch b/httpd-2.4.51-r1894152.patch
new file mode 100644
index 0000000..95f5081
--- /dev/null
+++ b/httpd-2.4.51-r1894152.patch
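Review bot: The new guard `e != APR_BRIGADE_SENTINEL(bb)` in the util_filter.c hunk carries no comment, and the patch header gives only the pullrev command and the revision URL, so the reason for the change is not recorded anywhere in the file. On an empty brigade APR_BRIGADE_LAST() yields the sentinel rather than NULL, so the removed truthiness test could not filter it out and APR_BUCKET_IS_EOS() would inspect something that is not a bucket. I would add above the condition: `/* an empty brigade yields the sentinel, not NULL; it is not a bucket and must not be type-checked */`. The enclosing function starts before the hunk and continues past it.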
@@ -0,0 +1,36 @@
+# ./pullrev.sh 1894152
+http://svn.apache.org/viewvc?view=revision&revision=1894152
+
+--- httpd-2.4.51/modules/filters/mod_deflate.c.r1894152
++++ httpd-2.4.51/modules/filters/mod_deflate.c
+@@ -835,6 +835,7 @@
+ while (!APR_BRIGADE_EMPTY(bb))
+ {
+ apr_bucket *b;
++ apr_status_t rv;
+
+ /*
+ * Optimization: If we are a HEAD request and bytes_sent is not zero
+@@ -914,8 +915,6 @@
+ }
+
+ if (APR_BUCKET_IS_FLUSH(e)) {
+- apr_status_t rv;
+-
+ /* flush the remaining data from the zlib buffers */
+ zRC = flush_libz_buffer(ctx, c, f->c->bucket_alloc, deflate,
+ Z_SYNC_FLUSH, NO_UPDATE_CRC);
+@@ -947,7 +946,12 @@
+ }
+
+ /* read */
+- apr_bucket_read(e, &data, &len, APR_BLOCK_READ);
++ rv = apr_bucket_read(e, &data, &len, APR_BLOCK_READ);
++ if (rv) {
++ ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(10298)
++ "failed reading from %s bucket", e->type->name);
++ return rv;
++ }
+ if (!len) {
+ apr_bucket_delete(e);
+ continue;
diff --git a/httpd.spec b/httpd.spec
index 0cd12da..9c21ef8 100644
--- a/httpd.spec
+++ b/httpd.spec
@@ -90,6 +90,8 @@ Patch45: httpd-2.4.43-logjournal.patch
 Patch60: httpd-2.4.43-enable-sslv3.patch
 Patch61: httpd-2.4.48-r1878890.patch
 Patch63: httpd-2.4.46-htcacheclean-dont-break.patch
+Patch64: httpd-2.4.51-r1894150.patch
+Patch65: httpd-2.4.51-r1894152.patch
 # Security fixes
@@ -241,6 +243,8 @@ written in the Lua programming language.
 %patch60 -p1 -b .enable-sslv3
 %patch61 -p1 -b .r1878890
 %patch63 -p1 -b .htcacheclean-dont-break
+%patch64 -p1 -b .r1894150
+%patch65 -p1 -b .r1894152
 # Patch in the vendor string
 sed -i '/^#define PLATFORM/s/Unix/%{vstring}/' os/unix/os.h
@@ -789,6 +793,7 @@ exit $rv
 %changelog
 * Tue Oct 12 2021 Joe Orton - 2.4.51-2
 - mod_ssl: updated patch for OpenSSL 3.0 compatibility (#2007178)
+- mod_deflate/core: add two brigade handling correctness fixes
 * Thu Oct 07 2021 Patrick Uiterwijk - 2.4.51-1
 - new version 2.4.51
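Review bot: The `/* read */` comment above the new `rv = apr_bucket_read(...)` check in the mod_deflate.c patch does not say why a failed read must end the call: the next visible line tests `len`, which a failed read may leave unset. I would extend it to `/* read; on failure data/len may be unset, so stop before they are used */`. As a style point, `if (rv != APR_SUCCESS)` states the intent more plainly than `if (rv)`. Only this one call site is visible here, so it is worth confirming that the other apr_bucket_read() callers in mod_deflate.c check the status as well; the loop body starts and ends outside the hunks.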