Add docs and prevent parse loops on client_request_buffer_max

diff --git a/doc/release-notes/release-3.1.sgml b/doc/release-notes/release-3.1.sgml
index ddada7356e7215337e0e61f5f90b46fb93258858..7bd27de98de2a90a54560eb5460e37f97f22932b 100644 (file)
--- a/doc/release-notes/release-3.1.sgml
+++ b/doc/release-notes/release-3.1.sgml
@@ -563,6 +563,10 @@ This section gives a thorough account of those changes in three categories:
        direct client address in delay pools.
        </verb>
 
+       <tag>client_request_buffer_max_size</tag>
+       <p>New directive added with squid-3.1.10 to set limits on the amount of buffer space allocated
+       for receiving upload and request data from clients.
+
         <tag>dns_v4_fallback</tag>
         <p>New option to prevent Squid from always looking up IPv4 regardless of whether IPv6 addresses are found.
            Squid will follow a policy of prefering IPv6 links, keeping the IPv4 only as a safety net behind IPv6.

diff --git a/src/cache_cf.cc b/src/cache_cf.cc
index 82c93178839efbdb8248bd1929a31b235041ded3..5fb2e0026ced338c27eae746d11dcf578c843360 100644 (file)
--- a/src/cache_cf.cc
+++ b/src/cache_cf.cc
@@ -908,6 +908,14 @@ configDoConfigure(void)
     }
 
 #endif
+
+    // prevent infinite fetch loops in the request parser
+    // due to buffer full but not enough data recived to finish parse
+    if (Config.maxRequestBufferSize <= Config.maxRequestHeaderSize) {
+        fatalf("Client request buffer of %d bytes cannot hold a request with %d bytes of headers." \
+               " Change client_request_buffer_max or request_header_max_size limits.",
+               Config.maxRequestBufferSize, Config.maxRequestHeaderSize);
+    }
 }
 
 /** Parse a line containing an obsolete directive.