IBM Support

PK77969: IBM HTTP SERVER RETURN CODE 403 FOR LONG URLS THAT EXCEED SYSTEM MAX PATH LENGTH SETTING

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • When a request URI results in a local path that exceeds the
server's operating system PATH_MAX limit, a 403 (forbidden) is
returned but nothing is logged in the server's error log to
explain why.

Local fix

  • 



Problem summary


    

  • ****************************************************************
* USERS AFFECTED: Any IBM HTTP Server that receives requests   *
* with a URI that maps to a local filename whose length exceeds*
* the local system PATH_MAX setting. This issue exists on IBM  *
* HTTP Server versions prior to 6.0.2.35 and 6.1.0.25. IBM HTTP*
* Server version 7 is not impacted.                            *
****************************************************************
* PROBLEM DESCRIPTION: When a request URI results in a local   *
* path that exceeds the server's operating system PATH_MAX     *
* limit, a 403 (forbidden) is returned but nothing is logged in*
* the server's error log to explain why.
****************************************************************
* RECOMMENDATION: Apply this fix if you get 403 responses and  *
* you have very long urls or very long filepaths.              *
****************************************************************


The return codes from apr_filepath_merge were checked but not
logged.

    



Problem conclusion


    

  • A log message was added to explain why the request was rejected
with a 403 (forbidden) response.

This fix is targeted for IHS fixpacks:
 6.0.2.35
 6.1.0.25
 (n/a for 7.0 release)

    



Temporary fix


    

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    PK77969
    • 

  • Reported component name
    IBM HTTP SERVER
    • 

  • Reported component ID
    5724J0801
    • 

  • Reported release
    60A
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2008-12-29
    • 

  • Closed date
    2009-01-12
    • 

  • Last modified date
    2009-01-12
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    IBM HTTP SERVER
    • 

  • Fixed component ID
    5724J0801
    • 



Applicable component levels


    

  • R60A  PSN
       UP
    • 

  • R60H  PSN
       UP
    • 

  • R60I  PSN
       UP
    • 

  • R60P  PSN
       UP
    • 

  • R60S  PSN
       UP
    • 

  • R60W  PSN
       UP
    • 

  • R60Z  PSN
       UP
    • 

  • R61A  PSN
       UP
    • 

  • R61H  PSN
       UP
    • 

  • R61I  PSN
       UP
    • 

  • R61P  PSN
       UP
    • 

  • R61S  PSN
       UP
    • 

  • R61W  PSN
       UP
    • 

  • R61Z  PSN
       UP
    • 








      
              
                            

              

              [{"Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTJ","label":"IBM HTTP Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"6.0"}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            07 September 2022
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback