RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-04-01 22:48:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
401e6dbff3
haproxy/src
History
Christopher Faulet 401e6dbff3 BUG/MAJOR: filters: Always keep all offsets up to date during data filtering 
When at least one data filter is registered on a channel, the offsets of all
filters must be kept up to date. For data filters but also for others. It is
safer to do it in that way. Indirectly, this patch fixes 2 hidden bugs
revealed by the commit 22fca1f2c ("BUG/MEDIUM: filters: Forward all filtered
data at the end of http filtering").

The first one, the worst of both, happens at the end of http filtering when
at least one data filtered is registered on the channel. We call the
http_end() callback function on the filters, when defined, to finish the
http filtering. But it is performed for all filters. Before the commit
22fca1f2c, the only risk was to call the http_end() callback function
unexpectedly on a filter. Now, we may have an overflow on the offset
variable, used at the end to forward all filtered data. Of course, from the
moment we forward an arbitrary huge amount of data, all kinds of bad things
may happen. So offset computation is performed for all filters and
http_end() callback function is called only for data filters.

The other one happens when a data filter alter the data of a channel, it
must update the offsets of all previous filters. But the offset of non-data
filters must be up to date, otherwise, here too we may have an integer
overflow.

Another way to fix these bugs is to always ignore non-data filters from the
offsets computation. But this patch is safer and probably easier to
maintain.

This patch must be backported in all versions where the above commit is. So
as far as 2.0.
2020-11-24 14:17:32 +01:00
..
51d.c CLEANUP: config: Return ERR_NONE from config callbacks instead of 0 2020-11-13 16:26:10 +01:00
acl.c CLEANUP: pattern: remove pat_delete_fcts[] and pattern_head->delete() 2020-11-05 19:27:09 +01:00
action.c MEDIUM: tcp-rules: Warn if a track-sc* content rule doesn't depend on content 2020-10-02 15:50:26 +02:00
activity.c CLEANUP: include: tree-wide alphabetical sort of include files 2020-06-11 10:18:59 +02:00
applet.c CLEANUP: include: tree-wide alphabetical sort of include files 2020-06-11 10:18:59 +02:00
arg.c CLEANUP: Do not use a fixed type for 'sizeof' in 'calloc' 2020-09-12 20:31:25 +02:00
auth.c BUG/MINOR: auth: report valid crypto(3) support depending on build options 2020-09-08 14:34:04 +02:00
backend.c CLEANUP: connection: do not use conn->owner when the session is known 2020-11-21 15:29:22 +01:00
base64.c REORG: include: move base64.h, errors.h and hash.h from common to to haproxy/ 2020-06-11 10:18:56 +02:00
cache.c CLEANUP: config: Return ERR_NONE from config callbacks instead of 0 2020-11-13 16:26:10 +01:00
calltrace.c BUILD: trace: include tools.h 2020-09-25 17:54:48 +02:00
cfgparse-global.c MEDIUM: config: remove the deprecated and dangerous global "debug" directive 2020-10-09 19:18:45 +02:00
cfgparse-listen.c MEDIUM: proxy: remove obsolete "monitor-net" 2020-10-15 21:47:04 +02:00
cfgparse-ssl.c BUILD: SSL: guard TLS13 ciphersuites with HAVE_SSL_CTX_SET_CIPHERSUITES 2020-11-21 11:04:36 +01:00
cfgparse-tcp.c CLEANUP: cfgparse: remove duplicate registration for transparent build options 2020-11-05 19:27:16 +01:00
cfgparse-unix.c MINOR: listener: create a new struct "settings" in bind_conf 2020-09-16 20:13:13 +02:00
cfgparse.c MEDIUM: cli/ssl: configure ssl on server at runtime 2020-11-18 17:22:28 +01:00
channel.c MINOR: channel: new getword and getchar functions on channel. 2020-10-07 17:17:27 +02:00
check.c CLEANUP: config: Return ERR_NONE from config callbacks instead of 0 2020-11-13 16:26:10 +01:00
chunk.c CLEANUP: include: tree-wide alphabetical sort of include files 2020-06-11 10:18:59 +02:00
cli.c MINOR: mworker/cli: the master CLI use its own applet 2020-11-05 10:28:53 +01:00
compression.c BUILD: compression: make gcc 10 happy with free_zlib() 2020-06-14 08:00:19 +02:00
connection.c CLEANUP: connection: do not use conn->owner when the session is known 2020-11-21 15:29:22 +01:00
da.c CLEANUP: config: Return ERR_NONE from config callbacks instead of 0 2020-11-13 16:26:10 +01:00
debug.c CLEANUP: config: Return ERR_NONE from config callbacks instead of 0 2020-11-13 16:26:10 +01:00
dgram.c REORG: dgram: rename proto_udp to dgram 2020-06-11 10:18:59 +02:00
dict.c REORG: include: move THREAD_LOCAL and __decl_thread() to compiler.h 2020-06-11 10:18:59 +02:00
dns.c MINOR: dns/stats: integrate dns counters in stats 2020-10-05 12:02:14 +02:00
dynbuf.c REORG: buffer: rename buffer.c to dynbuf.c 2020-06-29 09:26:59 +02:00
eb32sctree.c REORG: ebtree: move the include files from ebtree to include/import/ 2020-06-11 09:31:11 +02:00
eb32tree.c REORG: ebtree: move the include files from ebtree to include/import/ 2020-06-11 09:31:11 +02:00
eb64tree.c REORG: ebtree: move the include files from ebtree to include/import/ 2020-06-11 09:31:11 +02:00
ebimtree.c CLEANUP: include: tree-wide alphabetical sort of include files 2020-06-11 10:18:59 +02:00
ebistree.c REORG: ebtree: move the include files from ebtree to include/import/ 2020-06-11 09:31:11 +02:00
ebmbtree.c REORG: ebtree: move the include files from ebtree to include/import/ 2020-06-11 09:31:11 +02:00
ebpttree.c REORG: ebtree: move the include files from ebtree to include/import/ 2020-06-11 09:31:11 +02:00
ebsttree.c REORG: ebtree: move the include files from ebtree to include/import/ 2020-06-11 09:31:11 +02:00
ebtree.c BUG/MEDIUM: ebtree: use a byte-per-byte memcmp() to compare memory blocks 2020-06-16 11:30:33 +02:00
ev_epoll.c MINOR: debug: add a new DEBUG_FD build option 2020-06-23 10:04:54 +02:00
ev_evports.c MINOR: debug: add a new DEBUG_FD build option 2020-06-23 10:04:54 +02:00
ev_kqueue.c MINOR: debug: add a new DEBUG_FD build option 2020-06-23 10:04:54 +02:00
ev_poll.c MINOR: debug: add a new DEBUG_FD build option 2020-06-23 10:04:54 +02:00
ev_select.c MINOR: debug: add a new DEBUG_FD build option 2020-06-23 10:04:54 +02:00
extcheck.c BUG/MINOR: extcheck: add missing checks on extchk_setenv() 2020-10-24 13:07:39 +02:00
fcgi-app.c BUG/MEDIUM: fcgi-app: fix memory leak in fcgi_flt_http_headers 2020-07-15 20:23:29 +02:00
fcgi.c CLEANUP: include: tree-wide alphabetical sort of include files 2020-06-11 10:18:59 +02:00
fd.c MINOR: fd: report an error message when failing initial allocations 2020-10-13 18:15:33 +02:00
filters.c BUG/MAJOR: filters: Always keep all offsets up to date during data filtering 2020-11-24 14:17:32 +01:00
fix.c MINOR: sample: Add converters to parse FIX messages 2020-11-05 19:26:30 +01:00
flt_http_comp.c CLEANUP: compression: Make use of http_get_etag_type() 2020-10-22 16:59:36 +02:00
flt_spoe.c MINOR: spoe: Don't close connection in sync mode on processing timeout 2020-11-13 16:26:10 +01:00
flt_trace.c MINOR: flt-trace: Use a bitfield for the trace options 2020-11-17 11:34:36 +01:00
freq_ctr.c CLEANUP: include: tree-wide alphabetical sort of include files 2020-06-11 10:18:59 +02:00
frontend.c REORG: listener: move the receiving FD to struct receiver 2020-09-16 22:08:03 +02:00
h1_htx.c MEDIUM: htx: Add a flag on a HTX message when no more data are expected 2020-07-22 16:43:32 +02:00
h1.c BUILD: tree-wide: cast arguments to tolower/toupper to unsigned char 2020-07-05 21:50:02 +02:00
h2.c CLEANUP: include: tree-wide alphabetical sort of include files 2020-06-11 10:18:59 +02:00
haproxy.c BUILD: SSL: add BoringSSL guarding to "RAND_keep_random_devices_open" 2020-11-24 09:54:44 +01:00
hash.c REORG: include: move base64.h, errors.h and hash.h from common to to haproxy/ 2020-06-11 10:18:56 +02:00
hlua_fcn.c CLEANUP: include: tree-wide alphabetical sort of include files 2020-06-11 10:18:59 +02:00
hlua.c BUG/MINOR: lua: set buffer size during map lookups 2020-11-11 10:43:21 +01:00
hpack-dec.c CLEANUP: include: tree-wide alphabetical sort of include files 2020-06-11 10:18:59 +02:00
hpack-enc.c CLEANUP: include: tree-wide alphabetical sort of include files 2020-06-11 10:18:59 +02:00
hpack-huff.c REORG: include: move hpack*.h to haproxy/ and split hpack-tbl 2020-06-11 10:18:57 +02:00
hpack-tbl.c CLEANUP: include: tree-wide alphabetical sort of include files 2020-06-11 10:18:59 +02:00
http_acl.c CLEANUP: acl: don't reference the generic pattern deletion function anymore 2020-11-05 19:27:09 +01:00
http_act.c BUG/MEDIUM: http_act: Restore init of log-format list 2020-11-24 10:33:46 +01:00
http_ana.c MINOR: http_act: Add -m flag for del-header name matching method 2020-11-21 15:54:30 +01:00
http_conv.c CLEANUP: assorted typo fixes in the code and comments 2020-07-06 14:34:32 +02:00
http_fetch.c BUG/MINOR: http-fetch: Fix calls w/o parentheses of the cookie sample fetches 2020-11-13 16:26:10 +01:00
http_htx.c BUG/MINOR: http_htx: Fix searching headers by substring 2020-11-21 15:54:26 +01:00
http_rules.c CLEANUP: include: tree-wide alphabetical sort of include files 2020-06-11 10:18:59 +02:00
http.c BUG/MINOR: http-fetch: Extract cookie value even when no cookie name 2020-11-13 16:26:10 +01:00
htx.c CLEANUP: assorted typo fixes in the code and comments 2020-07-06 14:34:32 +02:00
lb_chash.c MINOR: lb/chash: use a read lock in chash_get_server_hash() 2020-10-17 20:15:49 +02:00
lb_fas.c MINOR: lb/first: use a read lock in fas_get_next_server() 2020-10-17 19:49:49 +02:00
lb_fwlc.c MEDIUM: fwlc: re-enable per-server queuing up to maxqueue 2020-10-22 18:30:25 +02:00
lb_fwrr.c MINOR: backend: replace the lbprm lock with an rwlock 2020-10-17 18:51:41 +02:00
lb_map.c MINOR: lb/map: use seek lock and read locks where appropriate 2020-10-17 19:04:27 +02:00
listener.c BUG/MEDIUM: stats: prevent crash if counters not alloc with dummy one 2020-11-12 15:16:05 +01:00
log.c BUG/MINOR: log: fix risk of null deref on error path 2020-10-27 10:35:32 +01:00
lru.c
mailers.c CLEANUP: include: tree-wide alphabetical sort of include files 2020-06-11 10:18:59 +02:00
map.c MEDIUM: pattern: only match patterns that match the current generation 2020-11-05 19:27:09 +01:00
mqtt.c MINOR: sample: Add converts to parses MQTT messages 2020-11-05 19:27:03 +01:00
mux_fcgi.c MEDIUM: fcgi: remove conn from session on detach 2020-10-15 15:19:34 +02:00
mux_h1.c BUG/MEDIUM: mux-h1: Get the session from the H1S when capturing bad messages 2020-10-16 19:53:17 +02:00
mux_h2.c MINOR: config/mux-h2: Return ERR_ flags from init_h2() instead of a status 2020-11-13 16:26:10 +01:00
mux_pt.c BUG/MEDIUM: mux-pt: Release the tasklet during an HTTP upgrade 2020-11-03 10:50:00 +01:00
mworker-prog.c REORG: include: move the error reporting functions to from log.h to errors.h 2020-06-11 10:18:59 +02:00
mworker.c MINOR: protocol: register the receiver's I/O handler and not the protocol's 2020-10-15 21:47:56 +02:00
namespace.c REORG: include: move the error reporting functions to from log.h to errors.h 2020-06-11 10:18:59 +02:00
pattern.c BUG/MINOR: pattern: a sample marked as const could be written 2020-11-11 10:43:15 +01:00
payload.c MINOR: arg: Use chunk_destroy() to release string arguments 2020-08-07 14:27:54 +02:00
peers.c BUG/MEDIUM: peers: fix decoding of multi-byte length in stick-table messages 2020-11-13 15:21:50 +01:00
pipe.c CLEANUP: include: tree-wide alphabetical sort of include files 2020-06-11 10:18:59 +02:00
pool.c MEDIUM: pools: call malloc_trim() from pool_gc() 2020-11-05 19:27:08 +01:00
proto_sockpair.c MEDIUM: listeners: make use of fd_want_recv_safe() to enable early receivers 2020-11-04 14:22:42 +01:00
proto_tcp.c MEDIUM: listeners: make use of fd_want_recv_safe() to enable early receivers 2020-11-04 14:22:42 +01:00
proto_udp.c MEDIUM: listeners: make use of fd_want_recv_safe() to enable early receivers 2020-11-04 14:22:42 +01:00
proto_uxst.c MEDIUM: listeners: make use of fd_want_recv_safe() to enable early receivers 2020-11-04 14:22:42 +01:00
protocol.c CLEANUP: protocol: remove the now unused <handler> field of proto_fam->bind() 2020-10-15 21:47:56 +02:00
proxy.c MINOR: stream: Add level 7 retries on http error 401, 403 2020-11-23 09:33:14 +01:00
queue.c BUG/MEDIUM: queue: fix unsafe proxy pointer when counting nbpend 2020-10-24 12:57:41 +02:00
raw_sock.c MINOR: raw_sock: Report the number of bytes emitted using the splicing 2020-07-15 14:08:14 +02:00
regex.c OPTIM: regex: PCRE2 use JIT match when JIT optimisation occured. 2020-08-14 07:53:40 +02:00
ring.c CLEANUP: fix all duplicated semicolons 2020-08-10 08:49:38 +02:00
sample.c MINOR: sample: Add converts to parses MQTT messages 2020-11-05 19:27:03 +01:00
server.c MEDIUM: cli/ssl: configure ssl on server at runtime 2020-11-18 17:22:28 +01:00
session.c BUG/MAJOR: connection: reset conn->owner when detaching from session list 2020-11-21 15:29:22 +01:00
sha1.c BUILD: use inttypes.h instead of stdint.h 2019-04-01 07:44:56 +02:00
shctx.c REORG: include: split global.h into haproxy/global{,-t}.h 2020-06-11 10:18:58 +02:00
signal.c REORG: include: move the error reporting functions to from log.h to errors.h 2020-06-11 10:18:59 +02:00
sink.c CLEANUP: config: Return ERR_NONE from config callbacks instead of 0 2020-11-13 16:26:10 +01:00
sock_inet.c CLEANUP: protocol: remove the now unused <handler> field of proto_fam->bind() 2020-10-15 21:47:56 +02:00
sock_unix.c CLEANUP: protocol: remove the now unused <handler> field of proto_fam->bind() 2020-10-15 21:47:56 +02:00
sock.c MINOR: sock: add a check against cross worker<->master socket activities 2020-11-04 15:05:50 +01:00
ssl_ckch.c MEDIUM: ssl: ssl-load-extra-del-ext work only with .crt 2020-10-23 18:41:08 +02:00
ssl_crtlist.c BUILD: SSL: guard TLS13 ciphersuites with HAVE_SSL_CTX_SET_CIPHERSUITES 2020-11-21 11:04:36 +01:00
ssl_sample.c BUILD: ssl: use HAVE_OPENSSL_KEYLOG instead of OpenSSL versions 2020-11-03 14:54:15 +01:00
ssl_sock.c BUILD: SSL: guard TLS13 ciphersuites with HAVE_SSL_CTX_SET_CIPHERSUITES 2020-11-21 11:04:36 +01:00
ssl_utils.c CLEANUP: ssl: ssl_sock_crt2der semicolon and spaces 2020-08-07 15:38:40 +02:00
stats.c BUG/MEDIUM: stats: prevent crash if counters not alloc with dummy one 2020-11-12 15:16:05 +01:00
stick_table.c BUG/MEDIUM: stick-table: limit the time spent purging old entries 2020-11-03 18:02:42 +01:00
stream_interface.c MINOR: stream-int: Be sure to have a mux to do sends and receives 2020-07-30 09:39:20 +02:00
stream.c BUG/MEDIUM: lb: Always lock the server when calling server_{take,drop}_conn 2020-10-17 09:29:43 +02:00
task.c CLEANUP: task: remove the unused and mishandled global_rqueue_size 2020-10-19 14:08:13 +02:00
tcp_act.c REORG: tcp: move TCP actions from proto_tcp.c to tcp_act.c 2020-08-28 18:51:36 +02:00
tcp_rules.c MEDIUM: tcp-rules: Use a dedicated expiration date for tcp ruleset 2020-07-30 09:31:09 +02:00
tcp_sample.c MINOR: listener: prefer to retrieve the socket's settings via the receiver 2020-09-16 22:08:07 +02:00
tcpcheck.c CLEANUP: config: Return ERR_NONE from config callbacks instead of 0 2020-11-13 16:26:10 +01:00
thread.c CLEANUP: threads: don't register an initcall when not debugging 2020-10-19 14:08:13 +02:00
time.c CLEANUP: assorted typo fixes in the code and comments 2020-07-06 14:34:32 +02:00
tools.c BUILD: ssl: use SSL_MODE_ASYNC macro instead of OPENSSL_VERSION 2020-11-19 19:59:32 +01:00
trace.c MEDIUM: log/sink: re-work and merge of build message API. 2020-07-15 17:50:12 +02:00
uri_auth.c CLEANUP: Do not use a fixed type for 'sizeof' in 'calloc' 2020-09-12 20:31:25 +02:00
vars.c CLEANUP: Add static void vars_deinit() 2020-07-07 16:52:35 +02:00
version.c BUILD: Fix build by including haproxy/global.h 2020-06-16 23:36:04 +02:00
wdt.c CLEANUP: config: Return ERR_NONE from config callbacks instead of 0 2020-11-13 16:26:10 +01:00
wurfl.c CLEANUP: config: Return ERR_NONE from config callbacks instead of 0 2020-11-13 16:26:10 +01:00
xprt_handshake.c REORG: include: move stream_interface.h to haproxy/stream_interface{,-t}.h 2020-06-11 10:18:58 +02:00
xxhash.c BUILD: use inttypes.h instead of stdint.h 2019-04-01 07:44:56 +02:00