From aaa72e06e5e996a1eecaef6597ca5543b220f7d4 Mon Sep 17 00:00:00 2001 From: Christopher Faulet Date: Fri, 12 Apr 2024 14:36:47 +0200 Subject: [PATCH] BUG/MEDIUM: cache/stats: Handle inbuf allocation failure in the I/O handler When cache and stats applets were changed to use their own buffers, a change was also performed to no longer access the stream from the I/O handller. Among other things, the HTTP start-line of the request is now retrieved to get the method. But, when these changes were brought, the inbuf buffer allocation failures were not handled. It is of course not so common. But if this happens, a crash may be experienced. To fix the issue, we now check for inbuf allocation failures before accessing it. No backported needed. --- src/cache.c | 4 ++++ src/stats.c | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/src/cache.c b/src/cache.c index 79de40c5f..caa072ff2 100644 --- a/src/cache.c +++ b/src/cache.c @@ -1808,6 +1808,10 @@ static void http_cache_io_handler(struct appctx *appctx) if (appctx->st0 == HTX_CACHE_HEADER) { struct ist meth; + if (unlikely(applet_fl_test(appctx, APPCTX_FL_INBLK_ALLOC))) { + goto exit; + } + /* Headers must be dump at once. Otherwise it is an error */ ret = htx_cache_dump_msg(appctx, res_htx, len, HTX_BLK_EOH); if (!ret || (htx_get_tail_type(res_htx) != HTX_BLK_EOH) || diff --git a/src/stats.c b/src/stats.c index 76fe2b70d..a7163732e 100644 --- a/src/stats.c +++ b/src/stats.c @@ -4494,7 +4494,7 @@ static void http_stats_io_handler(struct appctx *appctx) /* only proxy stats are available via http */ ctx->domain = STATS_DOMAIN_PROXY; - if (applet_fl_test(appctx, APPCTX_FL_OUTBLK_ALLOC|APPCTX_FL_OUTBLK_FULL)) + if (applet_fl_test(appctx, APPCTX_FL_INBLK_ALLOC|APPCTX_FL_OUTBLK_ALLOC|APPCTX_FL_OUTBLK_FULL)) goto out; if (applet_fl_test(appctx, APPCTX_FL_FASTFWD) && se_fl_test(appctx->sedesc, SE_FL_MAY_FASTFWD_PROD))