BUG/MEDIUM: mux-h1: Cound data from input buf during zero-copy forwarding

During zero-copy forwarding, we first try to forward data found in the input
buffer before trying to receive more data. These data must be removed from
the amount of data to forward (the cound variable).

Otherwise, on an internal retry, in h1_fastfwd(), we can be lead to read
more data than expected. It is especially a problem on the end of a
chunk. An error is erroneously reported because more data than announced are
received.

This patch should fix the issue #2382. It must be backported to 2.9.

diff --git a/src/mux_h1.c b/src/mux_h1.c
index d2acee6a36a1eb8020a8ba32c139322a4e7f3d59..cb70b84b4b46a069d63acc57b8aa410771aa913a 100644 (file)
--- a/src/mux_h1.c
+++ b/src/mux_h1.c
@@ -4633,6 +4633,7 @@ static int h1_fastfwd(struct stconn *sc, unsigned int count, unsigned int flags)
        }
 
        total += sdo->iobuf.data;
+       count -= sdo->iobuf.data;
 #if defined(USE_LINUX_SPLICE)
        if (sdo->iobuf.pipe) {
                /* Here, not data was xferred */