From: Willy Tarreau Date: Sun, 12 Dec 2010 12:06:00 +0000 (+0100) Subject: [BUG] stream_interface: truncate buffers when sending error messages X-Git-Tag: v1.5-dev8~351 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=798e128a4dbee623e1c098167c8e84e53a89609f;p=thirdparty%2Fhaproxy.git [BUG] stream_interface: truncate buffers when sending error messages When an error message is returned to a client, all buffer contents were left intact. Since the analysers were removed, the potentially invalid data that were read had a chance to be sent too. Now we ensure we only keep the already scheduled data in the buffer and we truncate it after that. That means that responses with data that must be blocked will really be blocked, and that incorrectly chunked data will be stopped at the point where the chunking fails. --- diff --git a/src/stream_interface.c b/src/stream_interface.c index 2ffca17ba1..aae602ec54 100644 --- a/src/stream_interface.c +++ b/src/stream_interface.c @@ -73,6 +73,8 @@ void stream_int_retnclose(struct stream_interface *si, const struct chunk *msg) buffer_abort(si->ib); buffer_auto_close(si->ib); buffer_erase(si->ib); + + buffer_cut_tail(si->ob); if (likely(msg && msg->len)) buffer_write(si->ob, msg->str, msg->len);