From 32b51cdf303cb30425000f1db6ecdae5de84ff8d Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Thu, 26 Aug 2021 15:59:44 +0200 Subject: [PATCH] BUG/MINOR: config: reject configs using HTTP with bufsize >= 256 MB As seen in commit 5ef965606 ("BUG/MINOR: lua: use strlcpy2() not strncpy() to copy sample keywords"), configs with large values of tune.bufsize were not practically usable since Lua was introduced, regardless of the machine's available memory. In addition, HTX encoding already limits block sizes to 256 MB, thus it is not technically possible to use that large a buffer size when HTTP is in use. This is absurdly high anyway, and for example Lua initialization would take around one minute on a 4 GHz CPU. Better prevent such a config from starting than having to deal with bug reports that make no sense. The check is only enforced if at least one HTX proxy was found, as there is no techincal reason to block it for configs that are solely based on raw TCP, and it could still be imagined that some such might exist with single connections (e.g. a log forwarder that buffers to cover for the storage I/O latencies). This should be backported to all HTX-enabled versions (2.0 and above). --- src/cfgparse.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/cfgparse.c b/src/cfgparse.c index 9f6f3fe16..250e4ed58 100644 --- a/src/cfgparse.c +++ b/src/cfgparse.c @@ -2477,6 +2477,12 @@ int check_config_validity() eb32_insert(&used_proxy_id, &curproxy->conf.id); } + if (curproxy->mode == PR_MODE_HTTP && global.tune.bufsize >= (256 << 20) && ONLY_ONCE()) { + ha_alert("global.tune.bufsize must be below 256 MB when HTTP is in use (current value = %d).\n", + global.tune.bufsize); + cfgerr++; + } + /* next IDs are shifted even if the proxy is disabled, this * guarantees that a proxy that is temporarily disabled in the * configuration doesn't cause a renumbering. Internal proxies