mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2025-03-05 10:58:14 +00:00
9c06ee4ccf
Option http-send-name-header is still hurting. If a POST request has to be redispatched when this option is used, and the next server's name is larger than the initial one, and the POST body fills the buffer, it becomes impossible to rewrite the server's name in the buffer when redispatching. In 1.4, this is worse, the process may crash because of a negative size computation for the memmove(). The only solution to fix this is to refrain from eating the reserve before we're certain that we won't modify the buffer anymore. And the condition for that is that the connection is established. This patch introduces "channel_may_send()" which helps to detect whether it's safe to eat the reserve or not. This condition is used by channel_in_transit() introduced by recent patches. This patch series must be backported into 1.5, and a simpler version must be backported into 1.4 where fixing the bug is much easier since there were no channels by then. Note that in 1.4 the severity is major. |
||
|---|---|---|
| .. | ||
| acl.h | ||
| arg.h | ||
| auth.h | ||
| backend.h | ||
| channel.h | ||
| checks.h | ||
| compression.h | ||
| connection.h | ||
| cttproxy.h | ||
| dumpstats.h | ||
| fd.h | ||
| freq_ctr.h | ||
| frontend.h | ||
| hdr_idx.h | ||
| lb_chash.h | ||
| lb_fas.h | ||
| lb_fwlc.h | ||
| lb_fwrr.h | ||
| lb_map.h | ||
| listener.h | ||
| log.h | ||
| map.h | ||
| obj_type.h | ||
| pattern.h | ||
| payload.h | ||
| peers.h | ||
| pipe.h | ||
| port_range.h | ||
| proto_http.h | ||
| proto_tcp.h | ||
| proto_uxst.h | ||
| protocol.h | ||
| proxy.h | ||
| queue.h | ||
| raw_sock.h | ||
| sample.h | ||
| server.h | ||
| session.h | ||
| shctx.h | ||
| signal.h | ||
| ssl_sock.h | ||
| stick_table.h | ||
| stream_interface.h | ||
| task.h | ||
| template.h | ||