Merge r1775487 from trunk: (310dde30) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP Apache Httpd

CHANGES

+4 −0

Original line number	Diff line number	Diff line
		@@ -2,6 +2,10 @@

		Changes with Apache 2.4.26

		*) mod_proxy_fcgi, mod_fcgid: Fix crashes in ap_fcgi_encoded_env_len() when
		modules add empty environment variables to the request. PR60275.
		[<alex2grad AT gmail.com>]

		*) mod_http2: fix for possible page fault when stream is resumed during
		session shutdown. [sidney-j-r-m (github)]

+0 −5

Original line number	Diff line number	Diff line
		@@ -119,11 +119,6 @@ RELEASE SHOWSTOPPERS:
		PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
		[ start all new proposals below, under PATCHES PROPOSED. ]

		*) util_fcgi: Fix crash with empty-valued envvars. PR60275
		trunk patch: http://svn.apache.org/r1775487.
		2.4.x patch: trunk works
		+1 covener, jim, wrowe

		*) mod_auth_digest: Reduce severity from NOTICE to DEBUG this
		once-per-restart msg (I guess the concern was that the RNG
		could block after this message)

+7 −4

Original line number	Diff line number	Diff line
		@@ -153,7 +153,7 @@ AP_DECLARE(apr_size_t) ap_fcgi_encoded_env_len(apr_table_t *env,

		envlen += keylen;

		vallen = strlen(elts[i].val);
		vallen = elts[i].val ? strlen(elts[i].val) : 0;

		if (vallen >> 7 == 0) {
		envlen += 1;
		@@ -226,7 +226,7 @@ AP_DECLARE(apr_status_t) ap_fcgi_encode_env(request_rec *r,
		buflen -= 4;
		}

		vallen = strlen(elts[i].val);
		vallen = elts[i].val ? strlen(elts[i].val) : 0;

		if (vallen >> 7 == 0) {
		if (buflen < 1) {
		@@ -262,8 +262,11 @@ AP_DECLARE(apr_status_t) ap_fcgi_encode_env(request_rec *r,
		rv = APR_ENOSPC; /* overflow */
		break;
		}

		if (elts[i].val) {
		memcpy(itr, elts[i].val, vallen);
		itr += vallen;
		}

		if (buflen == vallen) {
		(*starting_elem)++;