Bug 142795 - www/mod_fcgid broken large form uploads
Summary: www/mod_fcgid broken large form uploads
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Philip M. Gollucci
Depends on:
Reported: 2010-01-13 21:30 UTC by sergey
Modified: 2010-02-05 04:20 UTC (History)
0 users

See Also:

file.diff (1.93 KB, patch)
2010-01-13 21:30 UTC, sergey
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description sergey 2010-01-13 21:30:01 UTC
from http://svn.apache.org/viewvc?view=revision&revision=826829:

Fix possible corruption or truncation of request bodies which exceed

If the entire excess had been read from the brigade at the time the
limit was exceeded, the bug would be avoided.

This is a regression since mod_fcgid 2.2, which effectively ignored 
FcgidMaxRequestInMem if larger than 8K, since it reset the cumulative
request_len counter each time it obtained an input brigade of up to

Fix: http://svn.apache.org/viewvc/httpd/mod_fcgid/trunk/modules/fcgid/fcgid_bridge.c?r1=826829&r2=826828&pathrev=826829&view=patch

see attached patch

Patch attached with submission follows:
How-To-Repeat: try upload large file (>64kb)
Comment 1 Philip M. Gollucci freebsd_committer 2010-01-14 00:33:49 UTC
Responsible Changed
From-To: freebsd-ports-bugs->pgollucci

I'll take it.
Comment 2 Philip M. Gollucci freebsd_committer 2010-01-18 00:51:31 UTC
State Changed
From-To: open->feedback

Ask for maintainer approval.
Comment 3 Eric Kraußer 2010-01-26 23:34:13 UTC
The patch solved this critical bug for me, too.
I request to commit it, because it really can corrupt uploads silently 
(for example webmail attachments).
Comment 4 Philip M. Gollucci freebsd_committer 2010-01-31 00:37:29 UTC
State Changed
From-To: feedback->open

Maintainer timeout > 14 days
Comment 5 Philip M. Gollucci freebsd_committer 2010-02-01 16:59:26 UTC
State Changed
From-To: open->closed

v2.3.5 is out which includes this fix and should be used instead
Comment 6 sergey 2010-02-01 17:24:44 UTC
v2.3.5 need to be patched too.

Comment 7 dfilter service freebsd_committer 2010-02-05 04:10:32 UTC
pgollucci    2010-02-05 04:10:24 UTC

  FreeBSD ports repository

  Modified files:
    www/mod_fcgid        Makefile distinfo 
  Added files:
    www/mod_fcgid/files  patch-modules-fcgid-fcgid_mutex_unix.c 
  Removed files:
    www/mod_fcgid/files  patch-modules-fcgid-fcgid_conf.c 
  - Update 2.3.5 [1]
  - added patch from http://svn.apache.org/viewvc?view=revision&revision=905302  [1]
    (fixes incorrect mutex permissions)
  PR:             142795 [2], 143435 [3], 143458 [3], 143563 [1]
  Submitted by:   Sergey Prikhodko <sergey@network-asp.biz>
  Approved by:    maintainer timeout (hemi@puresimplicity.net; 22 days [2])
                  no response from maintainer [3]
  Revision  Changes    Path
  1.19      +1 -1      ports/www/mod_fcgid/Makefile
  1.10      +3 -3      ports/www/mod_fcgid/distinfo
  1.2       +0 -13     ports/www/mod_fcgid/files/patch-modules-fcgid-fcgid_conf.c (dead)
  1.1       +17 -0     ports/www/mod_fcgid/files/patch-modules-fcgid-fcgid_mutex_unix.c (new)
cvs-all@freebsd.org mailing list
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"