From 9043e6f4ecc739fa6caaa51f815edad687069f9d Mon Sep 17 00:00:00 2001 From: erickson Date: Thu, 13 Apr 2006 17:01:08 +0000 Subject: [PATCH] added some logging, etc. git-svn-id: svn://svn.open-ils.org/OpenSRF/trunk@689 9efc2488-bf62-4759-914b-345cdb29e865 --- src/gateway/apachetools.c | 25 +++++++++++++++++++++++-- src/gateway/apachetools.h | 4 +++- 2 files changed, 26 insertions(+), 3 deletions(-) diff --git a/src/gateway/apachetools.c b/src/gateway/apachetools.c index 204a192..458d7b8 100644 --- a/src/gateway/apachetools.c +++ b/src/gateway/apachetools.c @@ -14,7 +14,6 @@ string_array* apacheParseParms(request_rec* r) { char* key = NULL; /* query item name */ char* val = NULL; /* query item value */ - /* gather the post args and append them to the url query string */ if( !strcmp(r->method,"POST") ) { @@ -29,6 +28,14 @@ string_array* apacheParseParms(request_rec* r) { while(ap_get_client_block(r, body, 1024)) { buffer_add( buffer, body ); memset(body,0,1025); + + if(buffer->n_used > APACHE_TOOLS_MAX_POST_SIZE) { + osrfLogError(OSRF_LOG_MARK, "gateway received POST larger " + "than %d bytes. dropping reqeust", APACHE_TOOLS_MAX_POST_SIZE); + buffer_free(buffer); + arg = NULL; + } + } if(arg && arg[0]) { @@ -53,6 +60,7 @@ string_array* apacheParseParms(request_rec* r) { } + int sanity = 0; while( arg && (val = ap_getword(p, (const char**) &arg, '&'))) { key = ap_getword(r->pool, (const char**) &val, '='); @@ -65,10 +73,20 @@ string_array* apacheParseParms(request_rec* r) { string_array_add(sarray, key); string_array_add(sarray, val); + if( sanity++ > 1000 ) { + osrfLogError(OSRF_LOG_MARK, + "Parsing URL params failed sanity check: 1000 iterations"); + string_array_destroy(sarray); + return NULL; + } + } - return sarray; + if(sarray) + osrfLogDebug(OSRF_LOG_MARK, + "Apache tools parsed %d params key/values", sarray->size / 2 ); + return sarray; } @@ -77,6 +95,7 @@ string_array* apacheGetParamKeys(string_array* params) { if(params == NULL) return NULL; string_array* sarray = init_string_array(12); int i; + osrfLogDebug(OSRF_LOG_MARK, "Fetching URL param keys"); for( i = 0; i < params->size; i++ ) string_array_add(sarray, string_array_get_string(params, i++)); return sarray; @@ -87,6 +106,7 @@ string_array* apacheGetParamValues(string_array* params, char* key) { if(params == NULL || key == NULL) return NULL; string_array* sarray = init_string_array(12); + osrfLogDebug(OSRF_LOG_MARK, "Fetching URL values for key %s", key); int i; for( i = 0; i < params->size; i++ ) { char* nkey = string_array_get_string(params, i++); @@ -101,6 +121,7 @@ char* apacheGetFirstParamValue(string_array* params, char* key) { if(params == NULL || key == NULL) return NULL; int i; + osrfLogDebug(OSRF_LOG_MARK, "Fetching first URL value for key %s", key); for( i = 0; i < params->size; i++ ) { char* nkey = string_array_get_string(params, i++); if(key && !strcmp(nkey, key)) diff --git a/src/gateway/apachetools.h b/src/gateway/apachetools.h index 2669468..cc4987f 100644 --- a/src/gateway/apachetools.h +++ b/src/gateway/apachetools.h @@ -10,11 +10,13 @@ #include "opensrf/string_array.h" #include "opensrf/utils.h" -#include "opensrf/utils.h" +#include "opensrf/log.h" #ifndef APACHE_TOOLS_H #define APACHE_TOOLS_H +#define APACHE_TOOLS_MAX_POST_SIZE 10485760 /* 10 MB */ + /* parses apache URL params (GET and POST). Returns a string_array of the form [ key, val, key, val, ...] -- 2.11.0