From da9f7bae5de2d31353c2c9fa58426a628a3da938 Mon Sep 17 00:00:00 2001
From: zhangyaqi
Date: Wed, 22 May 2024 16:22:56 +0800
Subject: [PATCH] allocate a heap buffer if the configured size is greater than the stack-allocated buffer
(cherry picked from commit c88453fff43ca873b7dac70377f50d1278528b58)
---
 ...ort-only-allocate-a-heap-heap-buffer.patch | 33 +++++++++++++++++++
 httpd.spec | 9 ++++-
 2 files changed, 41 insertions(+), 1 deletion(-)
 create mode 100644 backport-only-allocate-a-heap-heap-buffer.patch
diff --git a/backport-only-allocate-a-heap-heap-buffer.patch b/backport-only-allocate-a-heap-heap-buffer.patch
new file mode 100644
index 0000000..e14beda
--- /dev/null
+++ b/backport-only-allocate-a-heap-heap-buffer.patch
@@ -0,0 +1,33 @@
+From aa86530aec72e5de24227dbe2054cd713fb3d3f5 Mon Sep 17 00:00:00 2001
+From: Joe Orton
+Date: Wed, 8 May 2024 12:44:52 +0000
+Subject: [PATCH] * modules/proxy/mod_proxy_fcgi.c (dispatch): Only allocate a
+ heap buffer if the configured size is greater than the stack-allocated
+ buffer.
+
+Reference: https://github.com/apache/httpd/commit/aa86530aec72e5de24227dbe2054cd713fb3d3f5
+git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1917576 13f79535-47bb-0310-9956-ffa450edef68
+---
+ modules/proxy/mod_proxy_fcgi.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/modules/proxy/mod_proxy_fcgi.c b/modules/proxy/mod_proxy_fcgi.c
+index 831bd15..ee7d24f 100644
+--- a/modules/proxy/mod_proxy_fcgi.c
++++ b/modules/proxy/mod_proxy_fcgi.c
+@@ -569,7 +569,11 @@ static apr_status_t dispatch(proxy_conn_rec *conn, proxy_dir_conf *conf,
+ *err = NULL;
+ if (conn->worker->s->io_buffer_size_set) {
+ iobuf_size = conn->worker->s->io_buffer_size;
+- iobuf = apr_palloc(r->pool, iobuf_size);
++ /* Allocate a buffer if the configured size is larger than the
++ * stack buffer, otherwise use the stack buffer. */
++ if (iobuf_size > AP_IOBUFSIZE) {
++ iobuf = apr_palloc(r->pool, iobuf_size);
++ }
+ }
+
+ pfd.desc_type = APR_POLL_SOCKET;
+--
+2.27.0
+
diff --git a/httpd.spec b/httpd.spec
index 61ed127..e0592ba 100644
--- a/httpd.spec
+++ b/httpd.spec
@@ -8,7 +8,7 @@
 Name: httpd
 Summary: Apache HTTP Server
 Version: 2.4.58
-Release: 2
+Release: 3
 License: ASL 2.0
 URL: https://httpd.apache.org/
 Source0: https://archive.apache.org/dist/httpd/httpd-%{version}.tar.bz2
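Review bot: In the mod_proxy_fcgi.c hunk carried by the new backport patch file, the added `if (iobuf_size > AP_IOBUFSIZE)` guard leaves `iobuf` at its earlier value while `iobuf_size` still takes the configured size, so the bound is only sound if the stack array that `iobuf` initially points to is at least `AP_IOBUFSIZE` bytes. That declaration is outside the hunk (dispatch() begins before it and continues past it), so this cannot be confirmed from the lines shown. Tying the test to the array rather than the macro, by comparing against `sizeof` of the stack array, or adding a comment at the declaration such as `/* must stay >= AP_IOBUFSIZE: reused as the I/O buffer when io_buffer_size is not larger */`, would keep a later resize of either one from turning this path into a stack buffer overflow.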
@@ -76,6 +76,7 @@ Patch22: backport-CVE-2024-24795-let-httpd-handle-CL-TE-for-non-http-ha
 Patch23: backport-CVE-2023-38709-header-validation-after-content.patch
 Patch24: backport-CVE-2024-27316-bail-after-too-many-failed-reads.patch
 Patch25: backport-remove-dependency-on-xmlstring-header.patch
+Patch26: backport-only-allocate-a-heap-heap-buffer.patch
 BuildRequires: gcc autoconf pkgconfig findutils xmlto perl-interpreter perl-generators systemd-devel
 BuildRequires: zlib-devel libselinux-devel lua-devel brotli-devel
@@ -512,6 +513,12 @@ exit $rv
 %{_rpmconfigdir}/macros.d/macros.httpd
 %changelog
+* Wed May 22 2024 zhangyaqi - 2.4.58-3
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:allocate a heap buffer if the configured size is greater than the stack-allocated buffer.
+
 * Mon May 06 2024 chengyechun - 2.4.58-2
 - Type:CVE
 - ID:CVE-2024-24795,CVE-2023-38709,CVE-2024-27316
--
Gitee