diff -ruN ../httpd-2.2.17-o/server/util_script.c ./server/util_script.c
--- ../httpd-2.2.17-o/server/util_script.c	2009-01-12 14:59:56.000000000 +0100
+++ ./server/util_script.c	2011-07-26 15:39:50.000000000 +0200
@@ -406,6 +406,7 @@
 {
     char x[MAX_STRING_LEN];
     char *w, *l;
+    int wlen;
     int p;
     int cgi_status = HTTP_UNSET;
     apr_table_t *merge;
@@ -414,7 +415,14 @@
     if (buffer) {
         *buffer = '\0';
     }
-    w = buffer ? buffer : x;
+
+    if (r->server->limit_req_fieldsize + 2 > MAX_STRING_LEN) {
+        w = apr_palloc(r->pool, r->server->limit_req_fieldsize + 2);
+        wlen = r->server->limit_req_fieldsize + 2;
+    } else {
+        w = buffer ? buffer : x;
+        wlen = MAX_STRING_LEN;
+    }
 
     /* temporary place to hold headers to merge in later */
     merge = apr_table_make(r->pool, 10);
@@ -430,7 +438,7 @@
 
     while (1) {
 
-        int rv = (*getsfunc) (w, MAX_STRING_LEN - 1, getsfunc_data);
+        int rv = (*getsfunc) (w, wlen - 1, getsfunc_data);
         if (rv == 0) {
             ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_TOCLIENT, 0, r,
                           "Premature end of script headers: %s",
@@ -537,9 +545,12 @@
 
             if (!buffer) {
                 /* Soak up all the script output - may save an outright kill */
-                while ((*getsfunc) (w, MAX_STRING_LEN - 1, getsfunc_data)) {
+                while ((*getsfunc) (w, wlen - 1, getsfunc_data)) {
                     continue;
                 }
+	    } else if (w != buffer) {
+		strncpy(buffer, w, MAX_STRING_LEN - 1);
+		buffer[MAX_STRING_LEN - 1] = 0;
             }
 
             ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_TOCLIENT, 0, r,