Red Hat Bugzilla – Bug 97111
httpd insists on always calculating Content-Length from CGI output.
Last modified: 2007-04-18 12:54:44 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux ppc; en-US; rv:1.3.1) Gecko/20030527
Description of problem:
httpd always insists on calculating Content-Length from CGI output and ignores
any Content-Length header added by the CGI script.
The result of this is that it buffers all of the CGI's STDOUT _before_ sending
the data to the client. This leads to httpd taking huge amounts of memory for
CGI's that stream data like mp3's to the client and OOM'ing the machine.
I even tried to move the "LoadModule cgi_module.." at the very end of all the
modules in case some filters/other modules were causing this and no difference.
Building httpd-2.0.45 from Rawhide src.rpm solves the problem.
this bug makes the stanard 8.0 httpd useless for me.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
it's easy to reproduce, just drop the following in /var/www/cgi-bin/test.cgi:
echo "Content-Type: audio/mpeg"
# modify line below to change the number to
# the exact size of your mp3
echo "Content-Length: 13136351"
# replace the following with some large mp3 file
also removing the echo "Content-Length... " entirely should also be valid, but
it still insists on calculating it.
Actual Results: httpd process used 30+Mb of memory. subsequent requests do the
same to other httpd's processes eventually the box OOM's.
Expected Results: the memory consunption of httpd processes' should not have
this is the case with Apache 2.0.45 and 1.3.x
Confirmed with Redhat 9 too.
An errata has been issued which should help the problem described in this bug report.
This report is therefore being closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, please follow the link below. You may reopen
this bug report if the solution does not work for you.
*** Bug 103744 has been marked as a duplicate of this bug. ***
*** Bug 84642 has been marked as a duplicate of this bug. ***