# SECURITY: CVE-2010-0425 (cve.mitre.org)
# 
# mod_isapi: Do not unload an isapi .dll module until the request
# processing is completed, avoiding orphaned callback pointers.
# 
# Submitted by: Brett Gervasoni <brettg senseofsecurity.com>, trawick
# Reviewed by: trawick, wrowe
# Backports: r917870
#
# /httpd/httpd/branches/2.0.x/modules/arch/win32/mod_isapi.c r920961
#
Index: modules/arch/win32/mod_isapi.c
===================================================================
--- modules/arch/win32/mod_isapi.c	(revision 920960)
+++ modules/arch/win32/mod_isapi.c	(revision 920961)
@@ -1537,7 +1537,6 @@
     /* Set up client input */
     res = ap_setup_client_block(r, REQUEST_CHUNKED_ERROR);
     if (res) {
-        isapi_unload(isa, 0);
         return res;
     }
 
@@ -1568,7 +1567,6 @@
         }
 
         if (res < 0) {
-            isapi_unload(isa, 0);
             return HTTP_INTERNAL_SERVER_ERROR;
         }