Received: (qmail 23699 invoked by uid 2012); 27 Jul 1998 15:50:54 -0000 Message-Id: <19980727155054.23698.qmail@hyperreal.org> Date: 27 Jul 1998 15:50:54 -0000 From: Jesse Pelton Reply-To: jsp@pkc.com To: apbugs@hyperreal.org Subject: ISAPI: loss of POSTed data X-Send-Pr-Version: 3.2 >Number: 2720 >Category: mod_isapi >Synopsis: ISAPI: loss of POSTed data >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: closed >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Mon Jul 27 10:10:00 PDT 1998 >Closed-Date: Tue Sep 26 09:44:05 PDT 2000 >Last-Modified: Tue Sep 26 09:44:05 PDT 2000 >Originator: jsp@pkc.com >Release: 1.3.1 >Organization: >Environment: Windows NT Workstation 4.0 SP3 MSVC++ 5.0 Netscape Navigator 3.0, 4.05 Internet Explorer 4.0 (4.72.3110.8) >Description: If the data POSTed by a browser exceeds some size, the call to ap_get_client_block() in isapi_handler() only retrieves the first part of the data. The size is not fixed; I've observed the problem with Navigator with POSTs in the 13K-18K range (of which about 9K-13K was read), and with IE with POSTs in the 18K range (of which roughly 16K was read). The browsers are apparently sending the data in chunks, because a subsequent call to ap_get_client_block() fetches more bytes. >How-To-Repeat: POST a lot of data from a form to an ISAPI DLL. It doesn't seem to make much difference whether you use a few large inputs or a lot of small ones. You can use any valid ISAPI DLL, since the problem is entirely on the server side. >Fix: Replace the following code in isapi_handler(): if ((read = ap_get_client_block(r, ecb->lpbData, to_read)) < 0) { if (isapi_term) (*isapi_term)(HSE_TERM_MUST_UNLOAD); FreeLibrary(isapi_handle); return SERVER_ERROR; } with something like the following: read = 0; while (to_read - read > 0) { long this_read; if ((this_read = ap_get_client_block(r, ecb->lpbData + read, to_read - read)) <= 0) { if (isapi_term) (*isapi_term)(HSE_TERM_MUST_UNLOAD); FreeLibrary(isapi_handle); return SERVER_ERROR; } read += this_read; } This code works, but may not comply with your coding style. >Release-Note: >Audit-Trail: Category-Changed-From-To: os-windows-mod_isapi Category-Changed-By: wrowe Category-Changed-When: Thu Jun 15 13:24:49 PDT 2000 State-Changed-From-To: open-closed State-Changed-By: wrowe State-Changed-When: Tue Sep 26 09:44:03 PDT 2000 State-Changed-Why: This problem should now be resolved with the 1.3.13 release of Apache. You may wish to check out the current sources, build and test that the issue is resolved. Note that Apache 1.3.13 now supports ISAPIReadAheadBuffer to define the max size of the initial request block, and ReadClient to retrieve the rest of the request. >Unformatted: [In order for any reply to be added to the PR database, ] [you need to include in the Cc line ] [and leave the subject line UNCHANGED. This is not done] [automatically because of the potential for mail loops. ]