You have created an infinite loop in the event that $content_length > data_delivered_via_post. This could (will) occur if the client terminates the connection part way through the post which is quite possible with long posts. The Content-Length header arrives before the physical content stream. In CGI::Simple the code looks like:
if ( $length ) { # we may not get all the data we want with a single read o +n large # POSTs as it may not be here yet! Credit Jason Luther for + patch # CGI.pm < 2.99 suffers from same bug read( STDIN, $data, $length ); while ( length($data) < $length ) { last unless read( STDIN, my $buffer, 4096 ); $data .= $buffer; } unless ( $length == length $data ) { $self->cgi_error( "500 Bad read on POST! wanted $lengt +h, got ".(length $data) ); return; } }
The significant point is that we exit the loop if we do not read any data. This the second exit condition you need to include in your patch to preclude going infinite if you don't get all the expected data for whatever reason. I would suggest something like this (totally untested code) perhaps:
if($content_length > 0) { my $len = $content_length; while ($len > 0) { my $data = ''; my $read = $self->read_from_client(\$data,$len,0); last unless $read; $len -= $read; $query_string .= $data; } }
This will exit the loop if we get no data and only ask for what we still expect.....
cheers
tachyon
In reply to Re: CGI.pm bug in Apache 2/mod-perl 2 setup
by tachyon
in thread CGI.pm bug in Apache 2/mod-perl 2 setup
by mpeppler
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |