From: Willy Tarreau Date: Thu, 4 Jan 2018 13:41:00 +0000 (+0100) Subject: BUG/MEDIUM: h2: properly handle the END_STREAM flag on empty DATA frames X-Git-Tag: v1.9-dev1~531 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4a28da1e9deadf0c542b957a323c1ca015c90fe4;p=thirdparty%2Fhaproxy.git BUG/MEDIUM: h2: properly handle the END_STREAM flag on empty DATA frames Peter Lindegaard Hansen reported a problem affecting some POST requests sent by MSIE on 1.8.3. Lukas found that we incorrectly dealt with the END_STREAM flag on empty DATA frames. What happens in fact is that while we correctly report that we've read a zero-byte frame, since commit 8fc016d ("BUG/MEDIUM: h2: support uploading partial DATA frames") backported into 1.8.2, we've been able to return without updating the parser's state nor checking the frame flags in this case. The fix is trival, we just need not to return too early. This fix must be backported to 1.8. --- diff --git a/src/mux_h2.c b/src/mux_h2.c index c6e15eca85..7bb51ea418 100644 --- a/src/mux_h2.c +++ b/src/mux_h2.c @@ -2770,7 +2770,7 @@ static int h2_frt_transfer_data(struct h2s *h2s, struct buffer *buf, int count) flen = h2c->dfl - h2c->dpl; if (!flen) - return 0; + goto end_transfer; if (flen > h2c->dbuf->i) { flen = h2c->dbuf->i; @@ -2817,6 +2817,7 @@ static int h2_frt_transfer_data(struct h2s *h2s, struct buffer *buf, int count) return flen; } + end_transfer: /* here we're done with the frame, all the payload (except padding) was * transferred. */