In hpack_dht_make_room(), we try to fulfill this rule form RFC7541#4.4 :
"It is not an error to attempt to add an entry that is larger than the
maximum size; an attempt to add an entry larger than the maximum size
causes the table to be emptied of all existing entries and results in
an empty table."
Unfortunately it is not consistent with the way it's used in
hpack_dht_insert() as this last one will consider a success as a
confirmation it can copy the header into the table, and a failure as
an indexing error. This results in the two following issues :
- if a client sends too large a header into an empty table, this
header may overflow the table. Fortunately, most clients send
small headers like :authority first, and never mark headers that
don't fit into the table as indexable since it is counter-productive ;
- if a client sends too large a header into a populated table, the
operation fails after the table is totally flushed and the request
is not processed.
This patch fixes the two issues at once :
- a header not fitting into an empty table is always a sign that it
will never fit ;
- not fitting into the table is not an error
Thanks to Yves Lafon for reporting detailed traces demonstrating this
issue. This fix must be backported to 1.8.
*/
static inline int hpack_dht_make_room(struct hpack_dht *dht, unsigned int needed)
{
- if (!dht->used || dht->used * 32 + dht->total + needed + 32 <= dht->size)
+ if (dht->used * 32 + dht->total + needed + 32 <= dht->size)
return 1;
+ else if (!dht->used)
+ return 0;
return __hpack_dht_make_room(dht, needed);
}
uint32_t headroom, tailroom;
if (!hpack_dht_make_room(dht, name.len + value.len))
- return -1;
+ return 0;
used = dht->used;
prev = head = dht->head;
projects / thirdparty / haproxy.git / commitdiff
