RepoMirrors
/
haproxy
mirror of http://git.haproxy.org/git/haproxy.git/
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

BUG/MEDIUM: spoe: arg len encoded in previous frag frame but len changed 

Fragmented arg will do fetch at every encode time, each fetch may get
different result if SMP_F_MAY_CHANGE, for example res.payload, but
the length already encoded in first fragment of the frame, that will
cause SPOA decode failed and waste resources.

This patch must be backported to 1.9 and 1.8.
This commit is contained in:
Kevin Zhu 2019-04-26 14:00:01 +08:00 committed by Christopher Faulet
parent 1907ccc2f7
commit f7f54280c8
3 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
include/proto/spoe.h
View File

@ -121,7 +121,7 @@ spoe_decode_buffer(char **buf, char *end, char **str, uint64_t *len)
* many bytes has been encoded. If <*off> is zero at the end, it means that all
* data has been encoded. */
static inline int
spoe_encode_data(struct sample *smp, unsigned int *off, char **buf, char *end)
spoe_encode_data(unsigned int *len, struct sample *smp, unsigned int *off, char **buf, char *end)
{
char *p = *buf;
int ret;
@ -185,15 +185,16 @@ spoe_encode_data(struct sample *smp, unsigned int *off, char **buf, char *end)
end);
if (ret == -1)
return -1;
*len = chk->data;
}
else {
/* The sample has been fragmented, encode remaining data */
ret = MIN(chk->data - *off, end - p);
ret = MIN(*len - *off, end - p);
memcpy(p, chk->area + *off, ret);
p += ret;
}
/* Now update <*off> */
if (ret + *off != chk->data)
if (ret + *off != *len)
*off += ret;
else
*off = 0;

1
include/types/spoe.h
View File

@ -323,6 +323,7 @@ struct spoe_context {
struct spoe_message *curmsg; /* SPOE message from which to resume encoding */
struct spoe_arg *curarg; /* SPOE arg in <curmsg> from which to resume encoding */
unsigned int curoff; /* offset in <curarg> from which to resume encoding */
unsigned int curlen; /* length of <curarg> need to be encode, for SMP_F_MAY_CHANGE data */
unsigned int flags; /* SPOE_FRM_FL_* */
} frag_ctx; /* Info about fragmented frames, valid on if SPOE_CTX_FL_FRAGMENTED is set */

3
src/flt_spoe.c
View File

@ -2182,6 +2182,7 @@ spoe_encode_message(struct stream *s, struct spoe_context *ctx,
list_for_each_entry(arg, &msg->args, list) {
ctx->frag_ctx.curarg = arg;
ctx->frag_ctx.curoff = UINT_MAX;
ctx->frag_ctx.curlen = 0;
encode_argument:
if (ctx->frag_ctx.curoff != UINT_MAX)
@ -2196,7 +2197,7 @@ spoe_encode_message(struct stream *s, struct spoe_context *ctx,
/* Fetch the argument value */
smp = sample_process(s->be, s->sess, s, dir|SMP_OPT_FINAL, arg->expr, NULL);
ret = spoe_encode_data(smp, &ctx->frag_ctx.curoff, buf, end);
ret = spoe_encode_data(&ctx->frag_ctx.curlen, smp, &ctx->frag_ctx.curoff, buf, end);
if (ret == -1 || ctx->frag_ctx.curoff)
goto too_big;
}