RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-02-02 03:23:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
haproxy public development tree
13,212 Commits 19 Branches 373 Tags 70 MiB
C 98.1%
Shell 0.8%
Makefile 0.6%
Python 0.2%
Lua 0.1%
401e6dbff3
Go to file
Christopher Faulet 401e6dbff3 BUG/MAJOR: filters: Always keep all offsets up to date during data filtering 
When at least one data filter is registered on a channel, the offsets of all
filters must be kept up to date. For data filters but also for others. It is
safer to do it in that way. Indirectly, this patch fixes 2 hidden bugs
revealed by the commit 22fca1f2c ("BUG/MEDIUM: filters: Forward all filtered
data at the end of http filtering").

The first one, the worst of both, happens at the end of http filtering when
at least one data filtered is registered on the channel. We call the
http_end() callback function on the filters, when defined, to finish the
http filtering. But it is performed for all filters. Before the commit
22fca1f2c, the only risk was to call the http_end() callback function
unexpectedly on a filter. Now, we may have an overflow on the offset
variable, used at the end to forward all filtered data. Of course, from the
moment we forward an arbitrary huge amount of data, all kinds of bad things
may happen. So offset computation is performed for all filters and
http_end() callback function is called only for data filters.

The other one happens when a data filter alter the data of a channel, it
must update the offsets of all previous filters. But the offset of non-data
filters must be up to date, otherwise, here too we may have an integer
overflow.

Another way to fix these bugs is to always ignore non-data filters from the
offsets computation. But this patch is safer and probably easier to
maintain.

This patch must be backported in all versions where the above commit is. So
as far as 2.0.
2020-11-24 14:17:32 +01:00
.github CI: Set DEBUG=-DDEBUG_STRICT=1 in GitHub Actions 2020-11-21 18:27:33 +01:00
contrib CONTRIB: release-estimator: Add release estimating tool 2020-10-24 12:27:17 +02:00
doc DOC: better describes how to configure a fallback crt 2020-11-24 13:23:06 +01:00
examples CLEANUP: assorted typo fixes in the code and comments 2020-06-26 11:27:28 +02:00
include BUG/MAJOR: filters: Always keep all offsets up to date during data filtering 2020-11-24 14:17:32 +01:00
reg-tests MINOR: http_act: Add -m flag for del-header name matching method 2020-11-21 15:54:30 +01:00
scripts CI: travis-ci: replace not defined SSL_LIB, SSL_INC for BotringSSL builds 2020-10-11 21:12:33 +02:00
src BUG/MAJOR: filters: Always keep all offsets up to date during data filtering 2020-11-24 14:17:32 +01:00
tests MEDIUM: config: remove the deprecated and dangerous global "debug" directive 2020-10-09 19:18:45 +02:00
.cirrus.yml CI: cirrus-ci: exclude slow reg-tests 2020-07-04 06:58:14 +02:00
.gitattributes MINOR: Commit .gitattributes 2020-09-05 16:21:59 +02:00
.gitignore CLEANUP: Update .gitignore 2020-09-12 13:11:24 +02:00
.travis.yml CI: travis-ci: remove builds migrated to GH actions 2020-11-21 05:40:27 +01:00
BRANCHES
CHANGELOG [RELEASE] Released version 2.4-dev1 2020-11-21 16:00:40 +01:00
CONTRIBUTING DOC: Use gender neutral language 2020-07-26 22:35:43 +02:00
INSTALL DOC: mention in INSTALL that it's development again 2020-11-05 17:19:13 +01:00
LICENSE
MAINTAINERS REORG: include: split hathreads into haproxy/thread.h and haproxy/thread-t.h 2020-06-11 10:18:56 +02:00
Makefile BUILD: Show the value of DEBUG= in haproxy -vv 2020-11-21 18:27:33 +01:00
README
ROADMAP
SUBVERS
VERDATE [RELEASE] Released version 2.4-dev1 2020-11-21 16:00:40 +01:00
VERSION [RELEASE] Released version 2.4-dev1 2020-11-21 16:00:40 +01:00

README 

The HAProxy documentation has been split into a number of different files for
ease of use.

Please refer to the following files depending on what you're looking for :

  - INSTALL for instructions on how to build and install HAProxy
  - BRANCHES to understand the project's life cycle and what version to use
  - LICENSE for the project's license
  - CONTRIBUTING for the process to follow to submit contributions

The more detailed documentation is located into the doc/ directory :

  - doc/intro.txt for a quick introduction on HAProxy
  - doc/configuration.txt for the configuration's reference manual
  - doc/lua.txt for the Lua's reference manual
  - doc/SPOE.txt for how to use the SPOE engine
  - doc/network-namespaces.txt for how to use network namespaces under Linux
  - doc/management.txt for the management guide
  - doc/regression-testing.txt for how to use the regression testing suite
  - doc/peers.txt for the peers protocol reference
  - doc/coding-style.txt for how to adopt HAProxy's coding style
  - doc/internals for developer-specific documentation (not all up to date)