From 34d4c3c13f0172f0f8f0dd99f92c61e7eb78e98f Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Fri, 30 Jan 2015 20:58:58 +0100 Subject: [PATCH] BUG/MINOR: http: abort request processing on filter failure Commit c600204 ("BUG/MEDIUM: regex: fix risk of buffer overrun in exp_replace()") added a control of failure on the response headers, but forgot to check for the error during request processing. So if the filters fail to apply, we could keep the request. It might cause some headers to silently fail to be added for example. Note that it's tagged MINOR because a standard configuration cannot make this case happen. The fix should be backported to 1.5 and 1.4 though.
---
 src/proto_http.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/proto_http.c b/src/proto_http.c
index b8f552015..504a0a94d 100644
--- a/src/proto_http.c
+++ b/src/proto_http.c
@@ -7092,7 +7092,8 @@ int apply_filters_to_request(struct session *s, struct channel *req, struct prox
 /* The filter did not match the request, it can be
 * iterated through all headers.
 */
- apply_filter_to_req_headers(s, req, exp);
+ if (unlikely(apply_filter_to_req_headers(s, req, exp) < 0))
+ return -1;
 }
 }
 return 0;
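Review bot: The new `return -1` after `apply_filter_to_req_headers()` exits while any rewrites made by earlier filters may already be in the request buffer, so the fix only holds if every caller of `apply_filters_to_request()` treats a negative return as fatal. Those callers are outside the hunk and should be checked to confirm they reject the request instead of forwarding it partially filtered. The check itself carries no explanation, so I would add a comment above it such as `/* filter could not be applied (e.g. replacement failed): abort, never forward a half-rewritten request */`. The function starts before this hunk, so its header comment is not visible here; if it does not already state the contract, it should say that -1 means a filter failed to apply and the request must be dropped.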