RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2024-12-17 17:04:35 +00:00
Code Issues Packages Projects Releases Wiki Activity
haproxy public development tree
16,564 Commits 20 Branches 370 Tags 46 MiB
C 98.1%
Shell 0.9%
Makefile 0.5%
Python 0.2%
Lua 0.1%
bfb15ab34e
Go to file
Andrew McDermott bfb15ab34e BUG/MAJOR: http/htx: prevent unbounded loop in http_manage_server_side_cookies 
Ensure calls to http_find_header() terminate. If a "Set-Cookie2"
header is found then the while(1) loop in
http_manage_server_side_cookies() will never terminate, resulting in
the watchdog firing and the process terminating via SIGABRT.

The while(1) loop becomes unbounded because an unmatched call to
http_find_header("Set-Cookie") will leave ctx->blk=NULL. Subsequent
calls to check for "Set-Cookie2" will now enumerate from the beginning
of all the blocks and will once again match on subsequent
passes (assuming a match first time around), hence the loop becoming
unbounded.

This issue was introduced with HTX and this fix should be backported
to all versions supporting HTX.

Many thanks to Grant Spence (gspence@redhat.com) for working through
this issue with me.
2022-02-16 14:42:13 +01:00
.github CI: enable QUIC for Coverity scan 2022-02-12 08:06:34 +01:00
addons MEDIUM: da: update module to handle schedule mode. 2022-01-28 07:29:01 +01:00
admin OPTIM: halog: skip fields 64 bits at a time when supported 2021-11-08 12:08:26 +01:00
dev DEV: flags: Add missing flags 2022-01-28 17:56:18 +01:00
doc MINOR: mworker/cli: add flags in the prompt 2022-02-02 15:51:24 +01:00
examples MEDIUM: proxy: remove long-broken 'option http_proxy' 2021-07-18 19:35:32 +02:00
include MINOR: quic: Move quic_rxbuf_pool pool out of xprt part 2022-02-15 17:33:21 +01:00
reg-tests REGTESTS: ssl: Add tests for DH related options 2022-02-14 10:07:14 +01:00
scripts CI: refactor OpenTracing build script 2022-01-19 07:37:40 +01:00
src BUG/MAJOR: http/htx: prevent unbounded loop in http_manage_server_side_cookies 2022-02-16 14:42:13 +01:00
tests CLEANUP: assorted typo fixes in the code and comments 2021-08-16 12:37:59 +02:00
.cirrus.yml CI: introduce scripts/build-vtest.sh for installing VTest 2021-05-18 10:48:30 +02:00
.gitattributes MINOR: Configure the cpp userdiff driver for *.[ch] in .gitattributes 2021-02-22 18:17:57 +01:00
.gitignore DOC: lua-api: Add documentation about lua filters 2021-08-15 20:56:44 +02:00
.mailmap DOC: update Tim's address in .mailmap 2021-09-16 09:14:14 +02:00
.travis.yml CI: travis-ci: temporarily disable arm64 builds 2021-08-07 07:28:15 +02:00
BRANCHES DOC: fix some spelling issues over multiple files 2021-01-08 14:53:47 +01:00
CHANGELOG [RELEASE] Released version 2.6-dev1 2022-02-01 18:06:59 +01:00
CONTRIBUTING CLEANUP: assorted typo fixes in the code and comments 2021-08-16 12:37:59 +02:00
INSTALL MINOR: version: it's development again 2021-11-23 15:48:35 +01:00
LICENSE LICENSE: add licence exception for OpenSSL 2012-09-07 13:52:26 +02:00
MAINTAINERS CONTRIB: move spoa_example out of the tree 2021-04-21 09:39:06 +02:00
Makefile BUILD: makefile: only compute alternative options if required 2022-01-31 21:00:35 +01:00
README DOC: create a BRANCHES file to explain the life cycle 2019-06-15 22:00:14 +02:00
ROADMAP DOC: update the outdated ROADMAP file 2019-06-15 21:59:54 +02:00
SUBVERS BUILD: use format tags in VERDATE and SUBVERS files 2013-12-10 11:22:49 +01:00
VERDATE [RELEASE] Released version 2.6-dev1 2022-02-01 18:06:59 +01:00
VERSION [RELEASE] Released version 2.6-dev1 2022-02-01 18:06:59 +01:00

README 

The HAProxy documentation has been split into a number of different files for
ease of use.

Please refer to the following files depending on what you're looking for :

  - INSTALL for instructions on how to build and install HAProxy
  - BRANCHES to understand the project's life cycle and what version to use
  - LICENSE for the project's license
  - CONTRIBUTING for the process to follow to submit contributions

The more detailed documentation is located into the doc/ directory :

  - doc/intro.txt for a quick introduction on HAProxy
  - doc/configuration.txt for the configuration's reference manual
  - doc/lua.txt for the Lua's reference manual
  - doc/SPOE.txt for how to use the SPOE engine
  - doc/network-namespaces.txt for how to use network namespaces under Linux
  - doc/management.txt for the management guide
  - doc/regression-testing.txt for how to use the regression testing suite
  - doc/peers.txt for the peers protocol reference
  - doc/coding-style.txt for how to adopt HAProxy's coding style
  - doc/internals for developer-specific documentation (not all up to date)