[master] 9cd74c3 Add a missing boundary check for Range requests
Poul-Henning Kamp
phk at FreeBSD.org
Tue Dec 17 10:44:31 CET 2013
commit 9cd74c3b2cbbe499e98394bb80833dc73f4ec943
Author: Poul-Henning Kamp <phk at FreeBSD.org>
Date: Tue Dec 17 09:43:42 2013 +0000
Add a missing boundary check for Range requests
Fixes #1323
Spotted & fix by: gquintard
diff --git a/bin/varnishd/cache/cache_http1_deliver.c b/bin/varnishd/cache/cache_http1_deliver.c
index 1419655..79090fd 100644
--- a/bin/varnishd/cache/cache_http1_deliver.c
+++ b/bin/varnishd/cache/cache_http1_deliver.c
@@ -126,6 +126,8 @@ v1d_dorange(struct req *req, const char *r)
}
if (!has_low) {
low = req->obj->len - high;
+ if (low < 0)
+ low = 0;
high = req->obj->len - 1;
}
} else
diff --git a/bin/varnishtest/tests/c00034.vtc b/bin/varnishtest/tests/c00034.vtc
index faf60fb..a0084d5 100644
--- a/bin/varnishtest/tests/c00034.vtc
+++ b/bin/varnishtest/tests/c00034.vtc
@@ -84,4 +84,9 @@ client c1 {
rxresp
expect resp.status == 206
expect resp.bodylen == 100
+
+ txreq -hdr "Range: bytes=-101"
+ rxresp
+ expect resp.status == 206
+ expect resp.bodylen == 100
} -run
More information about the varnish-commit
mailing list