Skip to content

Commit 8836713

Browse files
notrojnotroj
committed
* modules/filters/mod_deflate.c (deflate_in_filter): Handle FLUSH in
 the input brigade even if done inflating (ctx->done is true), but don't try to flush the inflate stream in that case. (Caught by Coverity) Github: closes #280 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1895552 13f79535-47bb-0310-9956-ffa450edef68 (cherry picked from commit 6aef687)
1 parent cecb25e commit 8836713

File tree

1 file changed

+31
-29
lines changed

1 file changed

+31
-29
lines changed

modules/filters/mod_deflate.c

+31-29
Original file line numberDiff line numberDiff line change
@@ -1310,38 +1310,40 @@ static apr_status_t deflate_in_filter(ap_filter_t *f,
13101310
if (APR_BUCKET_IS_FLUSH(bkt)) {
13111311
apr_bucket *tmp_b;
13121312

1313-
ctx->inflate_total += ctx->stream.avail_out;
1314-
zRC = inflate(&(ctx->stream), Z_SYNC_FLUSH);
1315-
ctx->inflate_total -= ctx->stream.avail_out;
1316-
if (zRC != Z_OK) {
1317-
inflateEnd(&ctx->stream);
1318-
ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(01391)
1319-
"Zlib error %d inflating data (%s)", zRC,
1320-
ctx->stream.msg);
1321-
return APR_EGENERAL;
1322-
}
1313+
if (!ctx->done) {
1314+
ctx->inflate_total += ctx->stream.avail_out;
1315+
zRC = inflate(&(ctx->stream), Z_SYNC_FLUSH);
1316+
ctx->inflate_total -= ctx->stream.avail_out;
1317+
if (zRC != Z_OK) {
1318+
inflateEnd(&ctx->stream);
1319+
ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(01391)
1320+
"Zlib error %d inflating data (%s)", zRC,
1321+
ctx->stream.msg);
1322+
return APR_EGENERAL;
1323+
}
13231324

1324-
if (inflate_limit && ctx->inflate_total > inflate_limit) {
1325-
inflateEnd(&ctx->stream);
1326-
ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(02647)
1327-
"Inflated content length of %" APR_OFF_T_FMT
1328-
" is larger than the configured limit"
1329-
" of %" APR_OFF_T_FMT,
1330-
ctx->inflate_total, inflate_limit);
1331-
return APR_ENOSPC;
1332-
}
1325+
if (inflate_limit && ctx->inflate_total > inflate_limit) {
1326+
inflateEnd(&ctx->stream);
1327+
ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(02647)
1328+
"Inflated content length of %" APR_OFF_T_FMT
1329+
" is larger than the configured limit"
1330+
" of %" APR_OFF_T_FMT,
1331+
ctx->inflate_total, inflate_limit);
1332+
return APR_ENOSPC;
1333+
}
13331334

1334-
if (!check_ratio(r, ctx, dc)) {
1335-
inflateEnd(&ctx->stream);
1336-
ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(02805)
1337-
"Inflated content ratio is larger than the "
1338-
"configured limit %i by %i time(s)",
1339-
dc->ratio_limit, dc->ratio_burst);
1340-
return APR_EINVAL;
1341-
}
1335+
if (!check_ratio(r, ctx, dc)) {
1336+
inflateEnd(&ctx->stream);
1337+
ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(02805)
1338+
"Inflated content ratio is larger than the "
1339+
"configured limit %i by %i time(s)",
1340+
dc->ratio_limit, dc->ratio_burst);
1341+
return APR_EINVAL;
1342+
}
13421343

1343-
consume_buffer(ctx, c, c->bufferSize - ctx->stream.avail_out,
1344-
UPDATE_CRC, ctx->proc_bb);
1344+
consume_buffer(ctx, c, c->bufferSize - ctx->stream.avail_out,
1345+
UPDATE_CRC, ctx->proc_bb);
1346+
}
13451347

13461348
/* Flush everything so far in the returning brigade, but continue
13471349
* reading should EOS/more follow (don't lose them).

0 commit comments

Comments
 (0)