httpd/backport-Report-an-error-if-the-AJP-backend-sends-an-invalid-number-of-headers.patch

From 296a99c3102e4dd91153a8fb732275b804f001fc Mon Sep 17 00:00:00 2001
From: Eric Covener <covener@apache.org>
Date: Mon, 23 Jan 2023 04:59:22 PM GMT+0800
Subject: [PATCH] Report an error if the AJP backend sends an invalid number of headers

Conflict:NA
Reference:https://github.com/apache/httpd/commit/296a99c3102e4dd91153a8fb732275b804f001fc

---
 modules/proxy/ajp_header.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/modules/proxy/ajp_header.c b/modules/proxy/ajp_header.c
index b4dc47c..a09a2e4 100644
--- a/modules/proxy/ajp_header.c
+++ b/modules/proxy/ajp_header.c
@@ -584,8 +584,15 @@ static apr_status_t ajp_unmarshal_response(ajp_msg_t *msg,
         r->headers_out = save_table;
     }
     else {
-        r->headers_out = NULL;
+        /*
+         * Reset headers, but not to NULL because things below the chain expect
+         * this to be non NULL e.g. the ap_content_length_filter.
+         */
+        r->headers_out = apr_table_make(r->pool, 1);
         num_headers = 0;
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(10405)
+                "ajp_unmarshal_response: Bad number of headers");
+        return rc;
     }
 
     ap_log_rerror(APLOG_MARK, APLOG_TRACE4, 0, r,
-- 
2.27.0