From: hno <> Date: Thu, 30 Aug 2007 19:15:13 +0000 (+0000) Subject: Bug #2028: Segmentation fault on http_reply_access deny X-Git-Tag: SQUID_3_0_PRE7~7 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=c466369c77b6df0692d525777c251d4af00a7f50;p=thirdparty%2Fsquid.git Bug #2028: Segmentation fault on http_reply_access deny http_reply_access deny triggered an infinite recursion, eventually ending up in a segmentation fault. This patch builds on the previous patch to also exclude http_reply_access deny error responses from further http_reply_access processing. Note: When a request is denied by http_reply_access the internal client is reset to attach it to the error page instead, making http_reply_access be invoked again on the error. --- diff --git a/src/client_side_reply.cc b/src/client_side_reply.cc index 75edfdbe0c..f224718d24 100644 --- a/src/client_side_reply.cc +++ b/src/client_side_reply.cc @@ -1,6 +1,6 @@ /* - * $Id: client_side_reply.cc,v 1.137 2007/08/30 13:03:43 hno Exp $ + * $Id: client_side_reply.cc,v 1.138 2007/08/30 13:15:13 hno Exp $ * * DEBUG: section 88 Client-side Reply Routines * AUTHOR: Robert Collins (Originally Duane Wessels in client_side.c) @@ -1754,7 +1754,7 @@ clientReplyContext::processReplyAccess () buildMaxBodySize(reply); /* Dont't block our own responses or HTTP status messages */ - if (http->logType == LOG_TCP_DENIED || alwaysAllowResponse(reply->sline.status)) { + if (http->logType == LOG_TCP_DENIED || http->logType == LOG_TCP_DENIED_REPLY || alwaysAllowResponse(reply->sline.status)) { processReplyAccessResult(1); return; } @@ -1804,6 +1804,8 @@ clientReplyContext::processReplyAccessResult(bool accessAllowed) err_type page_id; page_id = aclGetDenyInfoPage(&Config.denyInfoList, AclMatchedName, 1); + http->logType = LOG_TCP_DENIED_REPLY; + if (page_id == ERR_NONE) page_id = ERR_ACCESS_DENIED; @@ -1818,7 +1820,6 @@ clientReplyContext::processReplyAccessResult(bool accessAllowed) startError(err); - http->logType = LOG_TCP_DENIED_REPLY; return; }