From 7d59e90473bbf3995ef11d146a7a4cf5c6d0c4b9 Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Tue, 21 Oct 2014 19:36:09 +0200 Subject: [PATCH] BUG/MEDIUM: http: don't dump debug headers on MSG_ERROR When the HTTP parser is in state HTTP_MSG_ERROR, we don't know if it was already initialized or not. If the error happens before HTTP_MSG_RQBEFORE, random offsets might be present and we don't want to display such random strings in debug mode. While it's theorically possible to randomly crash the process when running in debug mode here, this bug was not tagged MAJOR because it would not make sense to run in debug mode in production. This fix must be backported to 1.5 and 1.4. --- src/proto_http.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/proto_http.c b/src/proto_http.c index 3a3aa80306..6497dac501 100644 --- a/src/proto_http.c +++ b/src/proto_http.c @@ -2546,7 +2546,7 @@ int http_wait_for_request(struct session *s, struct channel *req, int an_bit) /* 1: we might have to print this header in debug mode */ if (unlikely((global.mode & MODE_DEBUG) && (!(global.mode & MODE_QUIET) || (global.mode & MODE_VERBOSE)) && - (msg->msg_state >= HTTP_MSG_BODY || msg->msg_state == HTTP_MSG_ERROR))) { + msg->msg_state >= HTTP_MSG_BODY)) { char *eol, *sol; sol = req->buf->p; @@ -5694,7 +5694,7 @@ int http_wait_for_response(struct session *s, struct channel *rep, int an_bit) /* 1: we might have to print this header in debug mode */ if (unlikely((global.mode & MODE_DEBUG) && (!(global.mode & MODE_QUIET) || (global.mode & MODE_VERBOSE)) && - (msg->msg_state >= HTTP_MSG_BODY || msg->msg_state == HTTP_MSG_ERROR))) { + msg->msg_state >= HTTP_MSG_BODY)) { char *eol, *sol; sol = rep->buf->p; -- 2.47.3