From: Christopher Faulet <cfaulet@haproxy.com>
Date: Fri, 15 Apr 2022 13:26:24 +0000 (+0200)
Subject: BUG/MEDIUM: fcgi-app: Use http_msg flags to know if C-L header can be added
X-Git-Tag: v2.6-dev6~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=32af9a78303cc798eaf1dc506552862cc197e561;p=thirdparty%2Fhaproxy.git

BUG/MEDIUM: fcgi-app: Use http_msg flags to know if C-L header can be added

Instead of relying on the HTX start-line flags, it is better to rely on
http_msg flags to know if a content-length header can be added or not. In
addition, if the header is added, HTTP_MSGF_CNT_LEN flag must be added.

Because of this bug, an invalid message can be emitted when the response is
compressed because it may contain C-L and a T-E headers.

This patch should fix the issue #1660. It must be backported as far as 2.2.
---

diff --git a/src/fcgi-app.c b/src/fcgi-app.c
index 63e0bd2dd5..0bee447af1 100644
--- a/src/fcgi-app.c
+++ b/src/fcgi-app.c
@@ -350,7 +350,7 @@ static int fcgi_flt_http_headers(struct stream *s, struct filter *filter, struct
 		/* Add the header "Content-Length:" if possible */
 		sl = http_get_stline(htx);
 		if (s->txn->meth != HTTP_METH_HEAD && sl &&
-		    (sl->flags & (HTX_SL_F_XFER_LEN|HTX_SL_F_CLEN|HTX_SL_F_CHNK)) == HTX_SL_F_XFER_LEN &&
+		    (msg->flags & (HTTP_MSGF_XFER_LEN|HTTP_MSGF_CNT_LEN|HTTP_MSGF_TE_CHNK)) == HTTP_MSGF_XFER_LEN &&
 		    (htx->flags & HTX_FL_EOM)) {
 			struct htx_blk * blk;
 			char *end;
@@ -365,8 +365,10 @@ static int fcgi_flt_http_headers(struct stream *s, struct filter *filter, struct
 					len += htx_get_blksz(blk);
 			}
 			end = ultoa_o(len, trash.area, trash.size);
-			if (http_add_header(htx, ist("content-length"), ist2(trash.area, end-trash.area)))
+			if (http_add_header(htx, ist("content-length"), ist2(trash.area, end-trash.area))) {
 				sl->flags |= HTX_SL_F_CLEN;
+				msg->flags |= HTTP_MSGF_CNT_LEN;
+			}
 		}
 
 		return 1;