Package: libapache2-mod-wsgi
Version: 3.3-2
Severity: normal
Tags: patch
Hello,
When a WSGI application sets a Content-Length header to a value
greater than 2GB, mod_wsgi errors out with the following line in error.log:
[Thu Apr 14 09:08:02 2011] [error] [client 192.168.0.16] ValueError: invalid
content length
This is due to the use of strtol() instead of strtoll() when
extracting the Content-Length from the headers provided by the WSGI
application.
I'm attaching a patch that fixes the issue by using strtoll() and an
apr_off_t instead.
Regards,
-- System Information:
Debian Release: wheezy/sid
APT prefers oldstable
APT policy: (500, 'oldstable'), (500, 'unstable'), (500, 'stable'), (101,
'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.38-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Index: mod-wsgi-3.3/mod_wsgi.c
===================================================================
--- mod-wsgi-3.3.orig/mod_wsgi.c 2011-04-13 13:54:19.000000000 +0200
+++ mod-wsgi-3.3/mod_wsgi.c 2011-04-13 13:54:35.000000000 +0200
@@ -3192,10 +3192,10 @@
}
else if (!strcasecmp(name, "Content-Length")) {
char *v = value;
- long l = 0;
+ apr_off_t l = 0;
errno = 0;
- l = strtol(v, &v, 10);
+ l = strtoll(v, &v, 10);
if (*v || errno == ERANGE || l < 0) {
PyErr_SetString(PyExc_ValueError,
"invalid content length");
