Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:dirkmueller:acdc:as_python3_module
haproxy.27763
0001-BUG-MAJOR-http-htx-prevent-unbounded-loop-...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0001-BUG-MAJOR-http-htx-prevent-unbounded-loop-in-http_ma.patch of Package haproxy.27763
From bfb15ab34ead85f64cd6da0e9fb418c9cd14cee8 Mon Sep 17 00:00:00 2001 From: Andrew McDermott <aim@frobware.com> Date: Fri, 11 Feb 2022 18:26:49 +0000 Subject: [PATCH 1/1] BUG/MAJOR: http/htx: prevent unbounded loop in http_manage_server_side_cookies Ensure calls to http_find_header() terminate. If a "Set-Cookie2" header is found then the while(1) loop in http_manage_server_side_cookies() will never terminate, resulting in the watchdog firing and the process terminating via SIGABRT. The while(1) loop becomes unbounded because an unmatched call to http_find_header("Set-Cookie") will leave ctx->blk=NULL. Subsequent calls to check for "Set-Cookie2" will now enumerate from the beginning of all the blocks and will once again match on subsequent passes (assuming a match first time around), hence the loop becoming unbounded. This issue was introduced with HTX and this fix should be backported to all versions supporting HTX. Many thanks to Grant Spence (gspence@redhat.com) for working through this issue with me. --- src/http_ana.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/http_ana.c b/src/http_ana.c index 715dd3a5c..c2d9d9b43 100644 --- a/src/http_ana.c +++ b/src/http_ana.c @@ -3418,7 +3418,7 @@ static void http_manage_server_side_cookies(struct stream *s, struct channel *re while (1) { int is_first = 1; - if (!http_find_header(htx, ist("Set-Cookie"), &ctx, 1)) { + if (is_cookie2 || !http_find_header(htx, ist("Set-Cookie"), &ctx, 1)) { if (!http_find_header(htx, ist("Set-Cookie2"), &ctx, 1)) break; is_cookie2 = 1; -- 2.34.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor