BUG/MINOR: h3: do no crash on forwarding multiple chained response

h3_resp_headers_to_htx() is the function used to convert an HTTP/3
response into a HTX message. It was introduced on this release for QUIC
backend support.

A BUG_ON() would occur if multiple responses are forwarded
simultaneously on a stream without rcv_buf in between. Fix this by
removing it. Instead, if QCS HTX buffer is not empty when handling with
a new response, prefer to pause demux operation. This is restarted when
the buffer has been read and emptied by the upper stream layer.

No need to backport.

diff --git a/src/h3.c b/src/h3.c
index bc69408b69799c701410489462e71813ff54f231..161d0a4c3b2f578ff94c15b62f60afae0d0bf01d 100644 (file)
--- a/src/h3.c
+++ b/src/h3.c
@@ -1151,10 +1151,20 @@ static ssize_t h3_resp_headers_to_htx(struct qcs *qcs, const struct buffer *buf,
        }
 
        appbuf = qcc_get_stream_rxbuf(qcs);
-       BUG_ON(!appbuf || b_data(appbuf)); /* TODO */
+       BUG_ON(!appbuf); /* TODO */
        BUG_ON(!b_size(appbuf)); /* TODO */
        htx = htx_from_buf(appbuf);
 
+       /* Only handle one HEADERS frame at a time. Thus if HTX buffer is too
+        * small, it happens solely from a single frame and the only option is
+        * to close the stream.
+        */
+       if (!htx_is_empty(htx)) {
+               qcs->flags |= QC_SF_DEM_FULL;
+               len = 0;
+               goto out;
+       }
+
        /* first treat pseudo-header to build the start line */
        hdr_idx = 0;
        while (1) {