RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-03-07 20:09:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
82c51b561e
haproxy/src
History
Amaury Denoyelle 80d0572a31 BUG/MEDIUM: quic: fix Rx buffering 
The quic-conn manages a buffer to store received QUIC packets. When the
buffer wraps, the gap is filled until the end with junk and packets can
be inserted at the start of the buffer.

On the other end, deletion is implemented via quic_rx_pkts_del().
Packets are removed one by one if their refcount is nul. If junk is
found, the buffer is emptied until its wrap.

This seems to work in most cases but a bug was found in a particular
case : on insertion if buffer gap is not at the end of the buffer. In
this case, the gap was filled, which is useless as now the buffer is
full and the packet cannot be inserted. Worst, on deletion, when junk is
removed there is a risk to removed new packets. This can happens in the
following case :
1. buffer contig space is too small, junk is inserted in the middle of
   it
2. on quic_rx_pkts_del() invocation, a packet is removed, but not the
   next one because its refcount is still positive. When a new packet is
   received, it will be stored after the junk.
3. on next quic_rx_pkts_del(), when junk is removed, all contig data is
   cleared, with newer packets data too.

This will cause a transfer between a client and haproxy to be stalled.
This can be reproduced with big enough POST requests. I triggered it
with ngtcp2 and 10M of posted data.

Hopefully, the solution of this bug is simple. If contig space is not
big enough to store a packet, but the space is not at the end of the
buffer, no junk is inserted and the packet is dropped as we cannot
buffered it. This ensures that junk is only present at the end of the
buffer and when removed no packets data is purged with it.
2022-05-18 15:02:14 +02:00
..
acl.c MINOR: acl: alphanumerically sort the ACL dump 2022-03-30 11:49:59 +02:00
action.c BUG/MINOR: rules: Fix check_capture() function to use the right rule arguments 2022-04-25 15:28:21 +02:00
activity.c CLEANUP: applet: remove the unneeded appctx->owner 2022-05-13 14:28:48 +02:00
applet.c MINOR: conn-stream/applet: Stop setting appctx as the endpoint context 2022-05-17 16:13:22 +02:00
arg.c
auth.c
backend.c CLEANUP: muxes: make mux->attach/detach take a conn_stream endpoint 2022-05-13 14:28:48 +02:00
base64.c
cache.c CLEANUP: applet: remove the unneeded appctx->owner 2022-05-13 14:28:48 +02:00
calltrace.c BUILD: calltrace: fix wrong include when building with TRACE=1 2022-04-19 08:23:30 +02:00
cbuf.c CLEANUP: tree-wide: remove a few rare non-ASCII chars 2022-03-04 08:58:32 +01:00
cfgcond.c
cfgdiag.c
cfgparse-global.c MINOR: config: Add "cluster-secret" new global keyword 2022-05-12 17:48:35 +02:00
cfgparse-listen.c CLEANUP: proxy: Remove dead code when parsing "http-restrict-req-hdr-names" option 2022-05-17 16:13:22 +02:00
cfgparse-quic.c MINOR: cfg-quic: define tune.quic.conn-buf-limit 2022-04-21 12:04:04 +02:00
cfgparse-ssl.c MINOR: ssl: Add 'ssl-provider-path' global option 2022-05-17 18:09:17 +02:00
cfgparse-tcp.c CLEANUP: tree-wide: remove 25 occurrences of unneeded fcntl.h 2022-04-26 10:59:48 +02:00
cfgparse-unix.c CLEANUP: tree-wide: remove 25 occurrences of unneeded fcntl.h 2022-04-26 10:59:48 +02:00
cfgparse.c MINOR: peers: Add a ref to peers section in the peer structure 2022-05-17 16:13:22 +02:00
channel.c CLEANUP: tree-wide: Remove any ref to stream-interfaces 2022-04-13 15:10:16 +02:00
check.c BUG/MEDIUM: conn-stream: Don't erase endpoint flags on reset 2022-04-29 14:12:42 +02:00
chunk.c CLEANUP: chunks: release trash also in deinit 2022-04-27 17:55:41 +02:00
cli.c CLEANUP: applet: remove the unneeded appctx->owner 2022-05-13 14:28:48 +02:00
clock.c
compression.c CLEANUP: compression: move the default setting of maxzlibmem to defaults 2022-04-25 19:42:43 +02:00
conn_stream.c MINOR: conn-stream/applet: Stop setting appctx as the endpoint context 2022-05-17 16:13:22 +02:00
connection.c MINOR: session: get rid of the now unused SESS_FL_ADDR_*_SET flags 2022-05-02 17:51:51 +02:00
cpuset.c
debug.c CLEANUP: applet: remove the unneeded appctx->owner 2022-05-13 14:28:48 +02:00
dgram.c
dict.c
dns.c MINOR: applet: Add API to start applet on a thread subset 2022-05-17 16:13:22 +02:00
dynbuf.c
eb32sctree.c
eb32tree.c
eb64tree.c
ebimtree.c
ebistree.c
ebmbtree.c
ebpttree.c
ebsttree.c
ebtree.c
errors.c CLEANUP: ring: pass the ring watch flags to ring_attach_cli(), not in ctx.cli 2022-05-06 18:13:36 +02:00
ev_epoll.c BUILD: pollers: use an initcall to register the pollers 2022-04-25 19:00:55 +02:00
ev_evports.c BUILD: pollers: use an initcall to register the pollers 2022-04-25 19:00:55 +02:00
ev_kqueue.c BUILD: pollers: use an initcall to register the pollers 2022-04-25 19:00:55 +02:00
ev_poll.c BUILD: pollers: use an initcall to register the pollers 2022-04-25 19:00:55 +02:00
ev_select.c BUILD: pollers: use an initcall to register the pollers 2022-04-25 19:00:55 +02:00
extcheck.c MINOR: ext-check: indicate the transport and protocol of a server 2022-05-13 16:06:29 +02:00
fcgi-app.c MEDIUM: http-ana: Add a proxy option to restrict chars in request header names 2022-05-16 16:00:26 +02:00
fcgi.c CLEANUP: Reapply ist.cocci with --include-headers-for-types --recursive-includes 2022-03-21 08:30:47 +01:00
fd.c BUILD: fd: disguise the fd_set_nonblock/cloexec result 2022-04-27 10:52:21 +02:00
filters.c CLEANUP: tree-wide: Remove any ref to stream-interfaces 2022-04-13 15:10:16 +02:00
fix.c
flt_http_comp.c BUG/MEDIUM: compression: Don't forget to update htx_sl and http_msg flags 2022-04-15 16:22:33 +02:00
flt_spoe.c BUG/MINOR: spoe: Fix error handling in spoe_init_appctx() 2022-05-18 09:04:53 +02:00
flt_trace.c
freq_ctr.c
frontend.c CLEANUP: tree-wide: remove 25 occurrences of unneeded fcntl.h 2022-04-26 10:59:48 +02:00
h1_htx.c BUG/MEDIUM: mux-h1: Don't request more room on partial trailers 2022-04-14 11:57:06 +02:00
h1.c CLEANUP: Reapply ist.cocci with --include-headers-for-types --recursive-includes 2022-03-21 08:30:47 +01:00
h2.c CLEANUP: Reapply ist.cocci with --include-headers-for-types --recursive-includes 2022-03-21 08:30:47 +01:00
h3.c MEDIUM: mux-quic/h3/qpack: use ncbuf for uni streams 2022-05-13 17:29:49 +02:00
haproxy.c MEDIUM: ssl: Delay random generator initialization after config parsing 2022-05-17 10:55:59 +02:00
hash.c
hlua_fcn.c CLEANUP: Add missing header to hlua_fcn.c 2022-05-17 11:40:33 +02:00
hlua.c MINOR: applet: Add API to start applet on a thread subset 2022-05-17 16:13:22 +02:00
hpack-dec.c BUILD/DEBUG: hpack: use unsigned int in printf format in debug code 2022-04-12 08:40:38 +02:00
hpack-enc.c
hpack-huff.c OPTIM: hpack: read 32 bits at once when possible. 2022-04-01 17:29:06 +02:00
hpack-tbl.c BUILD/DEBUG: hpack-tbl: fix format string in standalone debug code 2022-04-12 08:30:08 +02:00
hq_interop.c MEDIUM: mux-quic/h3/hq-interop: use ncbuf for bidir streams 2022-05-13 17:28:46 +02:00
http_acl.c
http_act.c BUG/MINOR: http-act: make release_http_redir() more robust 2022-04-25 16:09:26 +02:00
http_ana.c CLEANUP: http_ana: Make use of the return value of stream_generate_unique_id() 2022-05-18 07:19:01 +02:00
http_client.c CLEANUP: httpclient: Remove useless test on ss_dst in httpclient_applet_init() 2022-05-18 09:29:33 +02:00
http_conv.c BUG/MEDIUM: http-conv: Fix url_enc() to not crush const samples 2022-04-08 10:12:59 +02:00
http_fetch.c CLEANUP: tree-wide: Remove any ref to stream-interfaces 2022-04-13 15:10:16 +02:00
http_htx.c CLEANUP: Destroy http_err_chunks members during deinit 2022-04-26 23:39:43 +02:00
http_rules.c BUILD: http: remove the two unused constructors in rules and ana 2022-04-25 19:26:26 +02:00
http.c
htx.c BUG/MEDIUM: htx: Fix a possible null derefs in htx_xfer_blks() 2022-02-28 17:16:55 +01:00
init.c MINOR: init: add the pre-check callback 2022-04-22 15:45:47 +02:00
jwt.c
lb_chash.c
lb_fas.c
lb_fwlc.c
lb_fwrr.c
lb_map.c
listener.c BUILD: listener: shut report of possible null-deref in listener_accept() 2022-05-09 20:49:36 +02:00
log.c CLEANUP: applet: remove the unneeded appctx->owner 2022-05-13 14:28:48 +02:00
lru.c BUILD/DEBUG: lru: fix printf format in debug code 2022-04-12 08:19:33 +02:00
mailers.c
map.c CLEANUP: applet: remove the unneeded appctx->owner 2022-05-13 14:28:48 +02:00
mjson.c
mqtt.c MEDIUM: mqtt: support mqtt_is_valid and mqtt_field_value converters for MQTTv3.1 2022-03-22 09:25:52 +01:00
mux_fcgi.c CLEANUP: muxes: make mux->attach/detach take a conn_stream endpoint 2022-05-13 14:28:48 +02:00
mux_h1.c CLEANUP: conn_stream: merge cs_new_from_{mux,applet} into cs_new_from_endp() 2022-05-13 14:28:48 +02:00
mux_h2.c CLEANUP: conn_stream: merge cs_new_from_{mux,applet} into cs_new_from_endp() 2022-05-13 14:28:48 +02:00
mux_pt.c CLEANUP: conn_stream: merge cs_new_from_{mux,applet} into cs_new_from_endp() 2022-05-13 14:28:48 +02:00
mux_quic.c CLEANUP: mux-quic: remove unused fields for Rx 2022-05-13 17:29:52 +02:00
mworker-prog.c
mworker.c CLEANUP: applet: remove the unneeded appctx->owner 2022-05-13 14:28:48 +02:00
namespace.c
ncbuf.c MINOR: ncbuf: fix warnings for testing build 2022-05-16 11:32:33 +02:00
pattern.c
payload.c REORG: conn_stream: move conn-stream stuff in dedicated files 2022-02-24 11:00:02 +01:00
peers.c CLEANUP: peers: Remove unreachable code in peer_session_create() 2022-05-18 09:04:53 +02:00
pipe.c
pool.c CLEANUP: applet: remove the unneeded appctx->owner 2022-05-13 14:28:48 +02:00
proto_quic.c MINOR: connection: get rid of the CO_FL_ADDR_*_SET flags 2022-05-02 17:47:46 +02:00
proto_sockpair.c MINOR: connection: get rid of the CO_FL_ADDR_*_SET flags 2022-05-02 17:47:46 +02:00
proto_tcp.c MINOR: connection: get rid of the CO_FL_ADDR_*_SET flags 2022-05-02 17:47:46 +02:00
proto_udp.c CLEANUP: tree-wide: remove 25 occurrences of unneeded fcntl.h 2022-04-26 10:59:48 +02:00
proto_uxdg.c CLEANUP: tree-wide: remove 25 occurrences of unneeded fcntl.h 2022-04-26 10:59:48 +02:00
proto_uxst.c MINOR: connection: get rid of the CO_FL_ADDR_*_SET flags 2022-05-02 17:47:46 +02:00
protocol.c
proxy.c CLEANUP: applet: remove the unneeded appctx->owner 2022-05-13 14:28:48 +02:00
qpack-dec.c MEDIUM: mux-quic/h3/qpack: use ncbuf for uni streams 2022-05-13 17:29:49 +02:00
qpack-enc.c
qpack-tbl.c CLEANUP: tree-wide: remove a few rare non-ASCII chars 2022-03-04 08:58:32 +01:00
queue.c MEDIUM: stream: remove the confusing SF_ADDR_SET flag 2022-05-02 16:56:01 +02:00
quic_cc_newreno.c CLEANUP: quic: Remove window redundant variable from NewReno algorithm state struct 2022-03-04 17:47:32 +01:00
quic_cc.c CLEANUP: tree-wide: remove a few rare non-ASCII chars 2022-03-04 08:58:32 +01:00
quic_frame.c CLEANUP: quic: wrong use of eb*entry() macro 2022-05-12 17:48:35 +02:00
quic_loss.c BUG/MINOR: quic: Missing time threshold multiplifier for loss delay computation 2022-04-29 16:46:56 +02:00
quic_sock.c MINOR: quic: Add a debug counter for sendto() errors 2022-05-12 15:11:53 +02:00
quic_stream.c CLEANUP: quic: wrong use of eb*entry() macro 2022-05-12 17:48:35 +02:00
quic_tls.c CLEANUP: quic: Useless use of pointer for quic_hkdf_extract() 2022-05-12 17:48:35 +02:00
raw_sock.c MINOR: tree-wide: always consider EWOULDBLOCK in addition to EAGAIN 2022-04-25 20:32:15 +02:00
regex.c
resolvers.c CLEANUP: applet: remove the unneeded appctx->owner 2022-05-13 14:28:48 +02:00
ring.c CLEANUP: applet: remove the unneeded appctx->owner 2022-05-13 14:28:48 +02:00
sample.c MEDIUM: backend: add new "balance hash <expr>" algorithm 2022-04-25 16:09:26 +02:00
server_state.c
server.c CLEANUP: applet: remove the unneeded appctx->owner 2022-05-13 14:28:48 +02:00
session.c BUG/MINOR: session: fix theoretical risk of memleak in session_accept_fd() 2022-03-11 07:25:11 +01:00
sha1.c
shctx.c
signal.c
sink.c MINOR: applet: Add API to start applet on a thread subset 2022-05-17 16:13:22 +02:00
slz.c
sock_inet.c CLEANUP: tree-wide: use fd_set_nonblock() and fd_set_cloexec() 2022-04-26 10:59:48 +02:00
sock_unix.c CLEANUP: tree-wide: use fd_set_nonblock() and fd_set_cloexec() 2022-04-26 10:59:48 +02:00
sock.c MINOR: connection: get rid of the CO_FL_ADDR_*_SET flags 2022-05-02 17:47:46 +02:00
ssl_ckch.c BUG/MINOR: ssl: Fix crash when no private key is found in pem 2022-05-17 15:51:41 +02:00
ssl_crtlist.c CLEANUP: applet: remove the unneeded appctx->owner 2022-05-13 14:28:48 +02:00
ssl_sample.c CLEANUP: tree-wide: remove 25 occurrences of unneeded fcntl.h 2022-04-26 10:59:48 +02:00
ssl_sock.c MINOR: ssl: Add 'ssl-provider' global option 2022-05-17 10:56:05 +02:00
ssl_utils.c CLEANUP: Add missing header to ssl_utils.c 2022-05-17 11:40:33 +02:00
stats.c CLEANUP: applet: remove the unneeded appctx->owner 2022-05-13 14:28:48 +02:00
stick_table.c CLEANUP: applet: remove the unneeded appctx->owner 2022-05-13 14:28:48 +02:00
stream.c CLEANUP: http_ana: Make use of the return value of stream_generate_unique_id() 2022-05-18 07:19:01 +02:00
task.c
tcp_act.c BUG/MINOR: tcp/http: release the expr of set-{src,dst}[-port] 2022-05-06 17:02:15 +02:00
tcp_rules.c CLEANUP: tree-wide: Remove any ref to stream-interfaces 2022-04-13 15:10:16 +02:00
tcp_sample.c CLEANUP: tree-wide: remove 25 occurrences of unneeded fcntl.h 2022-04-26 10:59:48 +02:00
tcpcheck.c CLEANUP: tree-wide: remove 25 occurrences of unneeded fcntl.h 2022-04-26 10:59:48 +02:00
thread.c CLEANUP: tree-wide: remove 25 occurrences of unneeded fcntl.h 2022-04-26 10:59:48 +02:00
time.c
tools.c MINOR: tools: add get_exec_path implementation for solaris based systems. 2022-05-17 11:44:21 +02:00
trace.c BUG/MEDIUM: trace: avoid race condition when retrieving session from conn->owner 2022-03-18 17:43:28 +01:00
uri_auth.c
uri_normalizer.c
vars.c CLEANUP: vars: move the per-process variables initialization to vars.c 2022-02-23 17:11:33 +01:00
version.c
wdt.c BUG/MEDIUM: wdt: don't trigger the watchdog when p is unitialized 2022-05-13 11:28:08 +02:00
xprt_handshake.c BUILD: xprt: use an initcall to register the transport layers 2022-04-25 19:18:24 +02:00
xprt_quic.c BUG/MEDIUM: quic: fix Rx buffering 2022-05-18 15:02:14 +02:00