--- httpd/httpd/branches/2.2.x/server/protocol.c 2012/01/24 19:59:57 1235453
+++ httpd/httpd/branches/2.2.x/server/protocol.c 2012/01/24 20:02:19 1235454
@@ -670,6 +670,16 @@
return 1;
}
+/* get the length of the field name for logging, but no more than 80 bytes */
+#define LOG_NAME_MAX_LEN 80
+static int field_name_len(const char *field)
+{
+ const char *end = ap_strchr_c(field, ':');
+ if (end == NULL || end - field > LOG_NAME_MAX_LEN)
+ return LOG_NAME_MAX_LEN;
+ return end - field;
+}
+
AP_DECLARE(void) ap_get_mime_headers_core(request_rec *r, apr_bucket_brigade *bb)
{
char *last_field = NULL;
@@ -709,12 +719,15 @@
/* insure ap_escape_html will terminate correctly */
field[len - 1] = '\0';
apr_table_setn(r->notes, "error-notes",
- apr_pstrcat(r->pool,
+ apr_psprintf(r->pool,
"Size of a request header field "
"exceeds server limit.
\n"
- "
\n", - ap_escape_html(r->pool, field), - "\n", NULL)); + "
\n%.*s\n/n", + field_name_len(field), + ap_escape_html(r->pool, field))); + ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, + "Request header exceeds LimitRequestFieldSize: " + "%.*s", field_name_len(field), field); } return; } @@ -735,13 +748,17 @@ * overflow (last_field) as the field with the problem */ apr_table_setn(r->notes, "error-notes", - apr_pstrcat(r->pool, + apr_psprintf(r->pool, "Size of a request header field " "after folding " "exceeds server limit.
\n", - ap_escape_html(r->pool, last_field), - "\n", NULL)); + "
\n%.*s\n\n", + field_name_len(last_field), + ap_escape_html(r->pool, last_field))); + ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, + "Request header exceeds LimitRequestFieldSize " + "after folding: %.*s", + field_name_len(last_field), last_field); return; } @@ -773,13 +790,18 @@ if (!(value = strchr(last_field, ':'))) { /* Find ':' or */ r->status = HTTP_BAD_REQUEST; /* abort bad request */ apr_table_setn(r->notes, "error-notes", - apr_pstrcat(r->pool, + apr_psprintf(r->pool, "Request header field is " "missing ':' separator.
\n", + "\n", NULL)); + last_field))); + ap_log_rerror(APLOG_MARK, APLOG_DEBUG, 0, r, + "Request header field is missing ':' " + "separator: %.*s", (int)LOG_NAME_MAX_LEN, + last_field); + return; }\n%.*s\n", + (int)LOG_NAME_MAX_LEN, ap_escape_html(r->pool, - last_field), - "