IBM Support

PK48505: HTTP STATUS CODES ARE CHANGED TO HTTP 500 WHEN MOD_DEFLATE ADDED AND SETOUTPUTFILTER DIRECTIVE SPECIFIED.

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • The LimitRequestBody Directive is specified in a httpd.conf to
    restricts the total size of the HTTP request body sent from the
    client.
    If a client request exceeds that limit, the server returned the
    error response HTTP 413. However, HTTP status codes are changed
    to HTTP 500 when they add a mod_deflate module and specified the
    SetOutputFilter directive to compress contents.
    
    From error.log file:
    [Tue Jul 03 15:31:16 2007] [error] [client 9.189.59.112]
    Requested content-length of 22425 is larger than the configured
    limit of 10240
    [Tue Jul 03 15:31:16 2007] [debug] mod_deflate.c(522): [client
    9.189.59.112] Zlib: Compressed 0 to 2 : URL /test.html
    [Tue Jul 03 15:31:16 2007] [info] [client 9.189.59.112]
    (20014)Error string not specified yet: default_handler:
    ap_pass_brigade returned 20014
    

Local fix

  • N/A
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED: IBM HTTP SERVER configurations with          *
    * mod_deflate configured                                       *
    ****************************************************************
    * PROBLEM DESCRIPTION: mod_deflate can be passed special       *
    * metadata which convey error or other information.  This      *
    * cannot be treated as normal data but instead must be passed  *
    * on to other filters.  mod_deflate did not handle this        *
    * metadata properly.  In the case where LimitRequestSize       *
    * processing uses this metadata to convey the proper HTTP      *
    * status code, the lack of proper metadata processing in       *
    * mod_deflate caused the wrong status code to be returned to   *
    * the client.                                                  *
    ****************************************************************
    * RECOMMENDATION: Apply this fix if mod_deflate is enabled and *
    * HTTP status codes for error responses are incorrect.*
    ****************************************************************
    

Problem conclusion

  • mod_deflate was updated to recognize metadata in its input
    stream and pass it through unmodified to the caller.  That
    resolves the incorrect HTTP status code with LimitRequestSize
    and potentially other error paths as well.
    .
    As part of this fix, a compiler optimization problem was
    discovered with the APR_RING_HEAD() macro used in many places
    in the Apache HTTP Server and IBM HTTP Server, including this
    required fix to mod_deflate.  The macro was updated to disable
    aggressive optimization.
    .
    We are not currently aware of other web server features which
    were broken by the aggressive optimization.
    .
    This fix is targeted for:
    Fix pack 6.1.0.13.
    Fix pack 6.0.2.25.
    Cumulative e-fix PK53584 for 2.0.47.1
    

Temporary fix

Comments

APAR Information

  • APAR number

    PK48505

  • Reported component name

    IBM HTTP SERVER

  • Reported component ID

    5724J0801

  • Reported release

    61W

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2007-07-06

  • Closed date

    2007-09-05

  • Last modified date

    2007-10-25

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    IBM HTTP SERVER

  • Fixed component ID

    5724J0801

Applicable component levels

  • R60A PSN

       UP

  • R60H PSN

       UP

  • R60P PSN

       UP

  • R60I PSN

       UP

  • R60S PSN

       UP

  • R60W PSN

       UP

  • R60Z PSN

       UP

  • R61A PSN

       UP

  • R61H PSN

       UP

  • R61P PSN

       UP

  • R61I PSN

       UP

  • R61S PSN

       UP

  • R61W PSN

       UP

  • R61Z PSN

       UP

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTJ","label":"IBM HTTP Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"6.1","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
07 September 2022