From 744451c7c412677dadfe626642ea5d980208e0d1 Mon Sep 17 00:00:00 2001 From: Christopher Faulet Date: Mon, 28 Mar 2022 16:19:02 +0200 Subject: [PATCH] BUG/MEDIUM: mux-h1: Properly detect full buffer cases during message parsing When the destination buffer is full while there are still data to parse, the h1s must be marked as congested to be able to restart the parsing later. This work on headers and data parsing. But on trailers parsing, we fail to do so when the buffer is full before to parse the trailers. In this case, we skip the trailers parsing but the h1s is not marked as congested. This is important to be sure to wake up the mux to restart the parsing when some room is made in the buffer. Because of this bug, the message processing may hang till a timeout is triggered. Note that for 2.3 and 2.2, the EOM processing is buggy too, for the same reason. It should be fixed too on these versions. On the 2.0, only trailers parsing is affected. This patch must be backported as far as 2.0. On 2.3 and 2.2, the EOM parsing must be fixed too. --- src/mux_h1.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/mux_h1.c b/src/mux_h1.c index 886caaaa7a..1459fadfab 100644 --- a/src/mux_h1.c +++ b/src/mux_h1.c @@ -1666,7 +1666,7 @@ static size_t h1_handle_trailers(struct h1s *h1s, struct h1m *h1m, struct htx *h TRACE_ERROR("parsing error, reject H1 message", H1_EV_RX_DATA|H1_EV_RX_TLRS|H1_EV_H1S_ERR, h1s->h1c->conn, h1s); h1_capture_bad_message(h1s->h1c, h1s, h1m, buf); } - else if (ret == -2) { + else if (ret == -2 || b_data(buf) != *ofs) { TRACE_STATE("RX path congested, waiting for more space", H1_EV_RX_DATA|H1_EV_RX_TLRS|H1_EV_H1S_BLK, h1s->h1c->conn, h1s); h1s->flags |= H1S_F_RX_CONGESTED; } -- 2.39.5