trafficserver-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From e..@apache.org
Subject [trafficserver] branch 8.1.x updated: Fixes (#7971)
Date Tue, 22 Jun 2021 21:33:05 GMT
This is an automated email from the ASF dual-hosted git repository.

eze pushed a commit to branch 8.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/8.1.x by this push:
     new b82a3d1  Fixes (#7971)
b82a3d1 is described below

commit b82a3d192f995fb9d78e1c44d51d9acca4783277
Author: Evan Zelkowitz <eze@apache.org>
AuthorDate: Tue Jun 22 14:32:55 2021 -0700

    Fixes (#7971)
    
    * String the url fragment for outgoing requests (#7966)
    
    Co-authored-by: Susan Hinrichs <shinrich@verizonmedia.com>
    (cherry picked from commit 2b13eb33794574e62249997b4ba654d943a10f2d)
    
    * Ensure that the content-length value is only digits (#7964)
    
    Co-authored-by: Susan Hinrichs <shinrich@verizonmedia.com>
    (cherry picked from commit 668d0f8668fec1cd350b0ceba3f7f8e4020ae3ca)
    
    * Schedule H2 reenable event only if it's necessary
    
    Co-authored-by: Katsutoshi Ikenoya <kikenoya@yahoo-corp.jp>
    
    * Fix dynamic-stack-buffer-overflow of cachekey plugin (#7945)
    
    * Fix dynamic-stack-buffer-overflow of cachekey plugin
    
    * Check dst_size include null termination
    
    (cherry picked from commit 5a9339d7bc65e1c2d8d2a0fc80bb051daf3cdb0b)
    
    Co-authored-by: Bryan Call <bcall@apache.org>
    Co-authored-by: Masakazu Kitajo <maskit@apache.org>
    Co-authored-by: Katsutoshi Ikenoya <kikenoya@yahoo-corp.jp>
    Co-authored-by: Masaori Koshiba <masaori@apache.org>
---
 plugins/cachekey/cachekey.cc      |  2 +-
 proxy/hdrs/HTTP.cc                | 11 +++++++++++
 proxy/http/HttpTransact.cc        |  5 ++++-
 proxy/http2/Http2ClientSession.cc | 14 +++++++-------
 proxy/logging/LogUtils.cc         |  2 +-
 5 files changed, 24 insertions(+), 10 deletions(-)

diff --git a/plugins/cachekey/cachekey.cc b/plugins/cachekey/cachekey.cc
index 5f12889..44925b3 100644
--- a/plugins/cachekey/cachekey.cc
+++ b/plugins/cachekey/cachekey.cc
@@ -41,7 +41,7 @@ appendEncoded(String &target, const char *s, size_t len)
     return;
   }
 
-  char tmp[len * 2];
+  char tmp[len * 3 + 1];
   size_t written;
 
   /* The default table does not encode the comma, so we need to use our own table here. */
diff --git a/proxy/hdrs/HTTP.cc b/proxy/hdrs/HTTP.cc
index 6a2ecc4..48032dd 100644
--- a/proxy/hdrs/HTTP.cc
+++ b/proxy/hdrs/HTTP.cc
@@ -1202,6 +1202,17 @@ validate_hdr_content_length(HdrHeap *heap, HTTPHdrImpl *hh)
     int content_length_len         = 0;
     const char *content_length_val = content_length_field->value_get(&content_length_len);
 
+    // RFC 7230 section 3.3.2
+    // Content-Length = 1*DIGIT
+    //
+    // If the content-length value contains a non-numeric value, the header is invalid
+    for (int i = 0; i < content_length_len; i++) {
+      if (!isdigit(content_length_val[i])) {
+        Debug("http", "Content-Length value contains non-digit, returning parse error");
+        return PARSE_RESULT_ERROR;
+      }
+    }
+
     while (content_length_field->has_dups()) {
       int content_length_len_2         = 0;
       const char *content_length_val_2 = content_length_field->m_next_dup->value_get(&content_length_len_2);
diff --git a/proxy/http/HttpTransact.cc b/proxy/http/HttpTransact.cc
index c3d135b..2de29a8 100644
--- a/proxy/http/HttpTransact.cc
+++ b/proxy/http/HttpTransact.cc
@@ -7619,9 +7619,12 @@ HttpTransact::build_request(State *s, HTTPHdr *base_request, HTTPHdr
*outgoing_r
 
   // HttpTransactHeaders::convert_request(outgoing_version, outgoing_request); // commented
out this idea
 
+  URL *url = outgoing_request->url_get();
+  // Remove fragment from upstream URL
+  url->fragment_set(NULL, 0);
+
   // Check whether a Host header field is missing from a 1.0 or 1.1 request.
   if (outgoing_version != HTTPVersion(0, 9) && !outgoing_request->presence(MIME_PRESENCE_HOST))
{
-    URL *url = outgoing_request->url_get();
     int host_len;
     const char *host = url->host_get(&host_len);
 
diff --git a/proxy/http2/Http2ClientSession.cc b/proxy/http2/Http2ClientSession.cc
index 6d7d3de..ee952b8 100644
--- a/proxy/http2/Http2ClientSession.cc
+++ b/proxy/http2/Http2ClientSession.cc
@@ -82,11 +82,6 @@ Http2ClientSession::destroy()
 void
 Http2ClientSession::free()
 {
-  if (this->_reenable_event) {
-    this->_reenable_event->cancel();
-    this->_reenable_event = nullptr;
-  }
-
   if (h2_pushed_urls) {
     this->h2_pushed_urls = ink_hash_table_destroy(this->h2_pushed_urls);
   }
@@ -107,6 +102,11 @@ Http2ClientSession::free()
   REMEMBER(NO_EVENT, this->recursion)
   Http2SsnDebug("session free");
 
+  if (this->_reenable_event) {
+    this->_reenable_event->cancel();
+    this->_reenable_event = nullptr;
+  }
+
   // Don't free active ProxySession
   ink_release_assert(is_active() == false);
 
@@ -653,8 +653,8 @@ Http2ClientSession::remember(const SourceLocation &location, int event,
int reen
 bool
 Http2ClientSession::_should_do_something_else()
 {
-  // Do something else every 128 incoming frames
-  return (this->_n_frame_read & 0x7F) == 0;
+  // Do something else every 128 incoming frames if connection state isn't closed
+  return (this->_n_frame_read & 0x7F) == 0 && !connection_state.is_state_closed();
 }
 
 int64_t
diff --git a/proxy/logging/LogUtils.cc b/proxy/logging/LogUtils.cc
index 94becf2..475bee8 100644
--- a/proxy/logging/LogUtils.cc
+++ b/proxy/logging/LogUtils.cc
@@ -343,7 +343,7 @@ escapify_url_common(Arena *arena, char *url, size_t len_in, int *len_out,
char *
   //
   size_t out_len = len_in + 2 * count;
 
-  if (dst && out_len > dst_size) {
+  if (dst && (out_len + 1) > dst_size) {
     *len_out = 0;
     return nullptr;
   }

Mime
View raw message