[4.0] 0bd10ea Correctly fail bad reads in req.body

Lasse Karstensen lkarsten at varnish-software.com
Mon Sep 22 16:38:23 CEST 2014


commit 0bd10ea0556d872f6115f6008233477e9ae1e62a
Author: Poul-Henning Kamp <phk at FreeBSD.org>
Date:   Tue Jul 29 11:22:16 2014 +0000

    Correctly fail bad reads in req.body
    
    Spotted and fixed by:	Nils Goroll
    
    Fixes #1562

diff --git a/bin/varnishd/cache/cache_http1_fsm.c b/bin/varnishd/cache/cache_http1_fsm.c
index 31b65e2..4bf643d 100644
--- a/bin/varnishd/cache/cache_http1_fsm.c
+++ b/bin/varnishd/cache/cache_http1_fsm.c
@@ -559,6 +559,10 @@ HTTP1_IterateReqBody(struct req *req, req_body_iter_f *func, void *priv)
 		VSLb(req->vsl, SLT_VCL_Error,
 		    "Uncached req.body can only be consumed once.");
 		return (-1);
+	case REQ_BODY_FAIL:
+		VSLb(req->vsl, SLT_FetchError,
+		    "Had failed reading req.body before.");
+		return (-1);
 	default:
 		WRONG("Wrong req_body_status in HTTP1_IterateReqBody()");
 	}
diff --git a/bin/varnishtest/tests/r01562.vtc b/bin/varnishtest/tests/r01562.vtc
new file mode 100644
index 0000000..af979ab
--- /dev/null
+++ b/bin/varnishtest/tests/r01562.vtc
@@ -0,0 +1,49 @@
+varnishtest "retrying a short client body read should not panic varnish"
+
+server s1 {
+	non-fatal
+	rxreq
+	txresp -status 200 -hdr "Foo: BAR" -body "1234"
+} -start
+
+server s2 {
+	non-fatal
+	rxreq
+	txresp -status 200 -hdr "Foo: Foo" -body "56"
+} -start
+
+varnish v1 -cliok "param.set vcc_allow_inline_c true" -vcl+backend {
+	sub vcl_recv {
+		return (pass);
+	}
+	sub vcl_backend_fetch {
+		if (bereq.retries >= 1) {
+			set bereq.backend = s2;
+		} else {
+			set bereq.backend = s1;
+		}
+	}
+	sub vcl_backend_error {
+		return (retry);
+	}
+} -start
+
+varnish v1 -cliok "param.set debug +syncvsl"
+
+client c1 {
+	txreq -req "POST" -nolen -hdr "Content-Length: 10000" -bodylen 9999
+} -run
+
+delay .4
+
+server s1 {
+	rxreq
+	txresp -status 200 -bodylen 11
+} -start
+
+client c1 {
+	txreq
+	rxresp
+	expect resp.status == 200
+	expect resp.bodylen == 11
+} -run



More information about the varnish-commit mailing list