From: Christopher Faulet Date: Tue, 3 Sep 2019 20:22:12 +0000 (+0200) Subject: BUG/MEDIUM: cache: Don't cache objects if the size of headers is too big X-Git-Tag: v2.1-dev2~114 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b066747107bc27b6b94cec794cd76f12c5588795;p=thirdparty%2Fhaproxy.git BUG/MEDIUM: cache: Don't cache objects if the size of headers is too big HTTP responses with headers than impinge upon the reserve must not be cached. Otherwise, there is no warranty to have enough space to add the header "Age" when such cached responses are delivered. This patch must be backported to 2.0 and 1.9. For these versions, the same must be done for the legacy HTTP mode. --- diff --git a/src/cache.c b/src/cache.c index 242d7daf0b..24d402abeb 100644 --- a/src/cache.c +++ b/src/cache.c @@ -548,6 +548,7 @@ enum act_return http_action_store_cache(struct act_rule *rule, struct proxy *px, unsigned int key = *(unsigned int *)txn->cache_hash; struct htx *htx; struct http_hdr_ctx ctx; + size_t hdrs_len = 0; int32_t pos; /* Don't cache if the response came from a cache */ @@ -618,12 +619,17 @@ enum act_return http_action_store_cache(struct act_rule *rule, struct proxy *px, enum htx_blk_type type = htx_get_blk_type(blk); uint32_t sz = htx_get_blksz(blk); + hdrs_len += sizeof(*blk) + sz; chunk_memcat(&trash, (char *)&blk->info, sizeof(blk->info)); chunk_memcat(&trash, htx_get_blk_ptr(htx, blk), sz); if (type == HTX_BLK_EOH) break; } + /* Do not cache objects if the headers are too big. */ + if (hdrs_len > htx->size - global.tune.maxrewrite) + goto out; + shctx_lock(shctx); first = shctx_row_reserve_hot(shctx, NULL, sizeof(struct cache_entry) + trash.data); if (!first) {