From: Christopher Faulet Date: Tue, 7 Jan 2020 09:01:57 +0000 (+0100) Subject: BUG/MINOR: channel: inject output data at the end of output X-Git-Tag: v2.2-dev1~133 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=584348be636fcc9f41b80ef0fde03c7899d75cd7;p=thirdparty%2Fhaproxy.git BUG/MINOR: channel: inject output data at the end of output In co_inject(), data must be inserted at the end of output, not the end of input. For the record, this function does not take care of input data which are supposed to not exist. But the caller may reset input data after or before the call. It is its own choice. This bug, among other effects, is visible when a redirect is performed on the response path, on legacy HTTP mode (so for HAProxy < 2.1). The redirect response is appended after the server response when it should overwrite it. Thanks to Kevin Zhu to report the bug. It must be backported as far as 1.9. --- diff --git a/src/channel.c b/src/channel.c index d4a46ffedd..8b0854ef5b 100644 --- a/src/channel.c +++ b/src/channel.c @@ -96,7 +96,7 @@ int co_inject(struct channel *chn, const char *msg, int len) if (len > max) return max; - memcpy(ci_tail(chn), msg, len); + memcpy(co_tail(chn), msg, len); b_add(&chn->buf, len); c_adv(chn, len); chn->total += len;