From: Christopher Faulet <cfaulet@haproxy.com>
Date: Wed, 27 Sep 2023 13:21:28 +0000 (+0200)
Subject: BUG/MEDIUM: h1: Ignore C-L value in the H1 parser if T-E is also set
X-Git-Tag: v2.9-dev7~35
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e7964eac2d3fc2b831f82b6b2825de3c5cdd5912;p=thirdparty%2Fhaproxy.git

BUG/MEDIUM: h1: Ignore C-L value in the H1 parser if T-E is also set

In fact, during the parsing there is already a test to remove the
Content-Length header if a Transfer-Encoding one is found. However, in the
parser, the content-length value was still used to set the body length (the
final one and the remaining one). This value is thus also used to set the
extra field in the HTX message and is then used during the sending stage to
announce the chunk size.

So, Content-Length header value must be ignored by the H1 parser to properly
reformat the message when it is sent.

This patch must be backported as far as 2.6. Lower versions don"t handle
this case.
---

diff --git a/src/h1.c b/src/h1.c
index 38b73cd955..2632bd3054 100644
--- a/src/h1.c
+++ b/src/h1.c
@@ -1143,6 +1143,7 @@ int h1_headers_to_hdr_list(char *start, const char *stop,
 				/* T-E + C-L: force close and remove C-L */
 				h1m->flags |= H1_MF_CONN_CLO;
 				h1m->flags &= ~H1_MF_CLEN;
+				h1m->curr_len = h1m->body_len = 0;
 				hdr_count = http_del_hdr(hdr, ist("content-length"));
 			}
 			else if (!(h1m->flags & H1_MF_VER_11)) {