From e7964eac2d3fc2b831f82b6b2825de3c5cdd5912 Mon Sep 17 00:00:00 2001
From: Christopher Faulet <cfaulet@haproxy.com>
Date: Wed, 27 Sep 2023 15:21:28 +0200
Subject: [PATCH] BUG/MEDIUM: h1: Ignore C-L value in the H1 parser if T-E is
 also set

In fact, during the parsing there is already a test to remove the
Content-Length header if a Transfer-Encoding one is found. However, in the
parser, the content-length value was still used to set the body length (the
final one and the remaining one). This value is thus also used to set the
extra field in the HTX message and is then used during the sending stage to
announce the chunk size.

So, Content-Length header value must be ignored by the H1 parser to properly
reformat the message when it is sent.

This patch must be backported as far as 2.6. Lower versions don"t handle
this case.
---
 src/h1.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/h1.c b/src/h1.c
index 38b73cd95..2632bd305 100644
--- a/src/h1.c
+++ b/src/h1.c
@@ -1143,6 +1143,7 @@ int h1_headers_to_hdr_list(char *start, const char *stop,
 				/* T-E + C-L: force close and remove C-L */
 				h1m->flags |= H1_MF_CONN_CLO;
 				h1m->flags &= ~H1_MF_CLEN;
+				h1m->curr_len = h1m->body_len = 0;
 				hdr_count = http_del_hdr(hdr, ist("content-length"));
 			}
 			else if (!(h1m->flags & H1_MF_VER_11)) {