Accepting request 111808 from Apache

Automatic submission by obs-autosubmit OBS-URL: https://build.opensuse.org/request/show/111808 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apache2?expand=0&rev=58
2012-04-02 08:50:35 +00:00 · 2012-04-02 08:50:35 +00:00 · e6d23ffeea
commit e6d23ffeea
parent 02cca4df37 c3a81454c7
3 changed files with 70 additions and 7 deletions
--- a/apache2.changes
+++ b/apache2.changes
@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Tue Mar 20 14:05:49 UTC 2012 - adrian@suse.de
+
+- fix truncating and resulting paniking of answer headers (bnc#690734)
+
 -------------------------------------------------------------------
 Sat Feb 18 21:15:08 UTC 2012 - poeml@cmdline.net

--- a/apache2.spec
+++ b/apache2.spec
@ -16,7 +16,6 @@
 #


-
 Name:           apache2
 BuildRequires:  automake
 BuildRequires:  db-devel
@ -139,6 +138,7 @@ Patch65:        httpd-2.0.49-log_server_status.dif
 Patch66:        httpd-2.0.54-envvars.dif
 Patch67:        httpd-2.2.0-apxs-a2enmod.dif
 Patch68:        httpd-2.x.x-logresolve.patch
+Patch69:        httpd-2.2.x-bnc690734.patch
 Patch100:       apache2.2-mpm-itk-20090414-00.patch
 Patch101:       httpd-2.2.19-linux3.patch
 Patch102:       httpd-keepalivetimeout-millisecs.patch
@ -152,15 +152,19 @@ Icon:           Apache.xpm
 Summary:        The Apache Web Server Version 2.2
 License:        Apache-2.0
 Group:          Productivity/Networking/Web/Servers
-Provides:       httpd http_daemon %{apache_mmn} suse_help_viewer
-Requires:       %{pname}-MPM /etc/mime.types
+Provides:       %{apache_mmn}
+Provides:       http_daemon
+Provides:       httpd
+Provides:       suse_help_viewer
+Requires:       %{pname}-MPM
+Requires:       /etc/mime.types
 PreReq:         %{name}-utils
 Requires:       logrotate
 # in the past, libapr1 >= 1.0 was sufficient. But since 2.2.16, a failure to
 # create listen sockets can occur, unless newer libapr1 is used, with certain kernels.
 # see https://bugzilla.redhat.com/show_bug.cgi?id=516331
-Requires:       libapr1 >= 1.4.2
 Requires:       libapr1 < 2.0
+Requires:       libapr1 >= 1.4.2
 %{?systemd_requires}
 PreReq:         fileutils textutils grep sed 
 %if %{?suse_version:1}0
@ -297,9 +301,12 @@ See http://mpm-itk.sesse.net/
 %package devel
 Summary:        Apache 2.2 Header and Include Files
 Group:          Development/Libraries/C and C++
-Requires:       %{name} = %{version} %{pname}-MPM
-Requires:       libapr1-devel libapr-util1-devel
-Requires:       apache2-prefork gcc
+Requires:       %{name} = %{version}
+Requires:       %{pname}-MPM
+Requires:       apache2-prefork
+Requires:       gcc
+Requires:       libapr-util1-devel
+Requires:       libapr1-devel

 %description devel
 This package contains header files and include files that are needed
@ -357,6 +364,7 @@ to administrators of web servers in general.
 %patch66 -p1
 %patch67 -p1
 %patch68 -p1
+%patch69
 %patch100
 %patch101
 %patch102
--- a/httpd-2.2.x-bnc690734.patch
+++ b/httpd-2.2.x-bnc690734.patch
@ -0,0 +1,50 @@
+diff -ruN ../httpd-2.2.17-o/server/util_script.c ./server/util_script.c
+--- ../httpd-2.2.17-o/server/util_script.c	2009-01-12 14:59:56.000000000 +0100
+++ ./server/util_script.c	2011-07-26 15:39:50.000000000 +0200
+@@ -406,6 +406,7 @@
+ {
+     char x[MAX_STRING_LEN];
+     char *w, *l;
+    int wlen;
+     int p;
+     int cgi_status = HTTP_UNSET;
+     apr_table_t *merge;
+@@ -414,7 +415,14 @@
+     if (buffer) {
+         *buffer = '\0';
+     }
+-    w = buffer ? buffer : x;
+
+    if (r->server->limit_req_fieldsize + 2 > MAX_STRING_LEN) {
+        w = apr_palloc(r->pool, r->server->limit_req_fieldsize + 2);
+        wlen = r->server->limit_req_fieldsize + 2;
+    } else {
+        w = buffer ? buffer : x;
+        wlen = MAX_STRING_LEN;
+    }
+ 
+     /* temporary place to hold headers to merge in later */
+     merge = apr_table_make(r->pool, 10);
+@@ -430,7 +438,7 @@
+ 
+     while (1) {
+ 
+-        int rv = (*getsfunc) (w, MAX_STRING_LEN - 1, getsfunc_data);
+        int rv = (*getsfunc) (w, wlen - 1, getsfunc_data);
+         if (rv == 0) {
+             ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_TOCLIENT, 0, r,
+                           "Premature end of script headers: %s",
+@@ -537,9 +545,12 @@
+ 
+             if (!buffer) {
+                 /* Soak up all the script output - may save an outright kill */
+-                while ((*getsfunc) (w, MAX_STRING_LEN - 1, getsfunc_data)) {
+                while ((*getsfunc) (w, wlen - 1, getsfunc_data)) {
+                     continue;
+                 }
+	    } else if (w != buffer) {
+		strncpy(buffer, w, MAX_STRING_LEN - 1);
+		buffer[MAX_STRING_LEN - 1] = 0;
+             }
+ 
+             ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_TOCLIENT, 0, r,