mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-08-08 08:07:10 +02:00
Code Issues Projects Releases Wiki Activity

MINOR: lua: properly process the contents of the content-length field

Browse Source 
The header's value was parsed with atoi() then compared against -1,
meaning that all the unparsable stuff returning zero was not considered
and that all multiples of 2^32 + 0xFFFFFFFF would continue to emit a
chunk.

Now instead we parse the value using a long long, only accept positive
values and consider all unparsable values as incorrect and switch to
either close or chunked encoding. This is more in line with what a
client (including haproxy's parser) would expect.

This may be backported as a cleanup to stable versions, though it's
really unlikely that Lua applications are facing side effects of this.
This commit is contained in:
Willy Tarreau 2017-08-23 09:32:06 +02:00
parent 06c75fec17
commit c9f4ea0f61
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/hlua.c
View File

@ -4199,7 +4199,7 @@ __LJMP static int hlua_applet_http_start_response(lua_State *L)
const char *value; const char *value;
int id; int id;
int hdr_connection = 0; int hdr_connection = 0;
int hdr_contentlength = -1; long long hdr_contentlength = -1;
int hdr_chunked = 0; int hdr_chunked = 0;
const char *reason = appctx->appctx->ctx.hlua_apphttp.reason; const char *reason = appctx->appctx->ctx.hlua_apphttp.reason;
@ -4276,11 +4276,12 @@ __LJMP static int hlua_applet_http_start_response(lua_State *L)
hdr_connection = 1; hdr_connection = 1;
/* Copy the header content length. The length conversion /* Copy the header content length. The length conversion
* is done without control. If it contains a ad value, this * is done without control. If it contains a bad value,
* is not our problem. * the content-length remains negative so that we can
* switch to either chunked encoding or close.
*/ */
if (strcasecmp("content-length", name) == 0) if (strcasecmp("content-length", name) == 0)
hdr_contentlength = atoi(value); strl2llrc(value, strlen(value), &hdr_contentlength);
/* Check if the client annouces a transfer-encoding chunked it self. */ /* Check if the client annouces a transfer-encoding chunked it self. */
if (strcasecmp("transfer-encoding", name) == 0 && if (strcasecmp("transfer-encoding", name) == 0 &&
@ -4313,7 +4314,7 @@ __LJMP static int hlua_applet_http_start_response(lua_State *L)
* for the keepalive compliance. If the applet annouces a transfer-encoding * for the keepalive compliance. If the applet annouces a transfer-encoding
* chunked itslef, don't do anything. * chunked itslef, don't do anything.
*/ */
if (hdr_contentlength == -1 && hdr_chunked == 0 && if (hdr_contentlength < 0 && hdr_chunked == 0 &&
(appctx->appctx->ctx.hlua_apphttp.flags & APPLET_HTTP11) && (appctx->appctx->ctx.hlua_apphttp.flags & APPLET_HTTP11) &&
appctx->appctx->ctx.hlua_apphttp.status >= 200 && appctx->appctx->ctx.hlua_apphttp.status >= 200 &&
appctx->appctx->ctx.hlua_apphttp.status != 204 && appctx->appctx->ctx.hlua_apphttp.status != 204 &&