BUG/MEDIUM: mux-h1: Properly detect full buffer cases during message parsing

When the destination buffer is full while there are still data to parse, the h1s must be marked as congested to be able to restart the parsing later. This work on headers and data parsing. But on trailers parsing, we fail to do so when the buffer is full before to parse the trailers. In this case, we skip the trailers parsing but the h1s is not marked as congested. This is important to be sure to wake up the mux to restart the parsing when some room is made in the buffer. Because of this bug, the message processing may hang till a timeout is triggered. Note that for 2.3 and 2.2, the EOM processing is buggy too, for the same reason. It should be fixed too on these versions. On the 2.0, only trailers parsing is affected. This patch must be backported as far as 2.0. On 2.3 and 2.2, the EOM parsing must be fixed too.
2025-01-19 20:20:45 +00:00 · 2022-03-28 16:19:02 +02:00 · 2022-03-28 16:19:02 +02:00 · 744451c7c4
commit 744451c7c4
parent d9fc12818e
1 changed files with 1 additions and 1 deletions
--- a/src/mux_h1.c
+++ b/src/mux_h1.c
@ -1666,7 +1666,7 @@ static size_t h1_handle_trailers(struct h1s *h1s, struct h1m *h1m, struct htx *h
 			TRACE_ERROR("parsing error, reject H1 message", H1_EV_RX_DATA|H1_EV_RX_TLRS|H1_EV_H1S_ERR, h1s->h1c->conn, h1s);
 			h1_capture_bad_message(h1s->h1c, h1s, h1m, buf);
 		}
-		else if (ret == -2) {
+		else if (ret == -2 || b_data(buf) != *ofs) {
 			TRACE_STATE("RX path congested, waiting for more space", H1_EV_RX_DATA|H1_EV_RX_TLRS|H1_EV_H1S_BLK, h1s->h1c->conn, h1s);
 			h1s->flags |= H1S_F_RX_CONGESTED;
 		}