angler-fishThe Vulnerability History Project

Input filtering rewrite. Consolidate how we handle HTTP input parsing by

      rearranging and rethinking some things.  The net result is that the HTTP
filter is now a request filter and is now only responsible for HTTP things.
The core input filter is now responsible for handling all of the dirty work.

Highlights:
- Removes the dechunk filter and merges it with ap_http_filter (aka HTTP_IN).
  The dechunk filter was incorrectly handling certain cases (trailers).
- Moves ap_http_filter from a connection filter to a request filter
  to support the consolidation above (it needs header info).
- Change support code to allow the http_filter to be a
  request filter (how the request is setup initially).
- Move most of the logic from HTTP_IN to CORE_IN (core_input_filter).
  HTTP_IN is now only concerned about HTTP things.  The core filter
  is now responsible for returning data.  It is impossible to
  consolidate dechunk and http without this because HTTP_IN previously
  buffered data.  As Greg ha
by Hector the Sea Slug 2001-09-29 08:17:11 UTC
commit 08eb7609da3a8fa149113a1068cb5b3d676614a5
HTTPD VCC CVE-2002-0392
modules/http/http_core.c
+2 -10
modules/http/http_protocol.c
+232 -83
server/core.c
+8 -130
server/protocol.c
+4 -4
expand_less