From 2be042f684bc488189a4b52aadfc7b8116aca3fd Mon Sep 17 00:00:00 2001
From: Alex Rousskov
Date: Mon, 1 Dec 2014 03:59:46 -0800
Subject: [PATCH] Bug 4131: SIGSEGV at store.cc:962 content_length > store_maxobjsize
---
 src/Store.h | 2 ++
 src/store.cc | 21 ++++++++++++++++++---
 2 files changed, 20 insertions(+), 3 deletions(-)
diff --git a/src/Store.h b/src/Store.h
index 33975195ca..445dcfc8cf 100644
--- a/src/Store.h
+++ b/src/Store.h
@@ -226,6 +226,8 @@ protected:
 void transientsAbandonmentCheck();
 private:
+ bool checkTooBig() const;
+
 static MemAllocator *pool;
 unsigned short lock_count; /* Assume < 65536! */
diff --git a/src/store.cc b/src/store.cc
index d576194fe1..1a70777fe3 100644
--- a/src/store.cc
+++ b/src/store.cc
@@ -932,6 +932,18 @@ StoreEntry::checkTooSmall()
 return 0;
 }
+bool
+StoreEntry::checkTooBig() const
+{
+ if (mem_obj->endOffset() > store_maxobjsize)
+ return true;
+
+ if (getReply()->content_length < 0)
+ return false;
+
+ return (getReply()->content_length > store_maxobjsize);
+}
+
 // TODO: move "too many open..." checks outside -- we are called too early/late
 bool
 StoreEntry::checkCachable()
@@ -963,9 +975,12 @@ StoreEntry::checkCachable()
 debugs(20, 3, "StoreEntry::checkCachable: NO: negative cached");
 ++store_check_cachable_hist.no.negative_cached;
 return 0; /* avoid release call below */
- } else if ((getReply()->content_length > 0 &&
- getReply()->content_length > store_maxobjsize) ||
- mem_obj->endOffset() > store_maxobjsize) {
+ } else if (!mem_obj || !getReply()) {
+ // XXX: In bug 4131, we forgetHit() without mem_obj, so we need
+ // this segfault protection, but how can we get such a HIT?
+ // TODO: add store_check_cachable_hist.no.parts if this check stays
+ debugs(20, 2, "StoreEntry::checkCachable: NO: missing parts: " << *this);
+ } else if (checkTooBig()) {
 debugs(20, 2, "StoreEntry::checkCachable: NO: too big");
 ++store_check_cachable_hist.no.too_big;
 } else if (checkTooSmall()) {
--
2.47.2
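Review bot: checkTooBig() in src/store.cc dereferences `mem_obj` and the result of `getReply()` with no check of its own, so it is safe only because checkCachable() tests `!mem_obj || !getReply()` in the branch just before the call. A null `mem_obj` on this path is the crash the commit is fixing, so the precondition should be written down at the definition, for example `// Requires non-null mem_obj and getReply(); checkCachable() verifies both before calling.` That keeps a future second caller from reintroducing the SIGSEGV. The helper also calls getReply() up to twice; reading `content_length` once into a local would make the two comparisons obviously refer to the same value.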
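Review bot: The new `!mem_obj || !getReply()` branch in checkCachable() rejects the entry but increments no `store_check_cachable_hist` counter, so the only trace of the condition behind bug 4131 is a level-2 debug line that most deployments will not record. Because the XXX comment says the root cause is still unknown, I would add the counter the TODO already names in this commit rather than later (`++store_check_cachable_hist.no.parts;`, plus the matching field and report line), so operators can see how often the guard fires. The if/else chain starts above the hunk and the release call it leads to is below it, so it cannot be confirmed from here that no earlier branch touches `mem_obj` before this guard runs; if one does, the null check belongs at the top of the function instead.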