upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-05-26 19:22:57 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 14

BUG/MINOR: mux-fcgi: Use relative offset to compute contig data in demux buf

Browse source 
b_contig_data() should be called with a head-relative offset (0 for the
beginning of readable data). However, in the FCGI multiplexer, to get
contiguous data available in the demux buffer, it is called with
b_head_ofs(dbuf) which returns an absolute buffer position (b->head). So
b->head is counted twice. Because of this bug, the demux buffer could be
realigned while it should not and conversely.

Instead, the offset 0 must be used. So let's fix it.

This patch must be backported as far as 2.4.
This commit is contained in:
Christopher Faulet 2026-05-26 16:31:32 +02:00
parent 3843f48faf
commit 3ffbf5539e
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/mux_fcgi.c
View file

@ -1595,7 +1595,7 @@ static int fcgi_conn_handle_values_result(struct fcgi_conn *fconn)
return 0;
}
if (unlikely(b_contig_data(dbuf, b_head_ofs(dbuf)) < fconn->drl)) {
if (unlikely(b_contig_data(dbuf, 0) < fconn->drl)) {
/* Realign the dmux buffer if the record wraps. It is unexpected
* at this stage because it should be the first record received
* from the FCGI application.
@ -2516,7 +2516,7 @@ static int fcgi_strm_handle_end_request(struct fcgi_conn *fconn, struct fcgi_str
return 0;
}
if (unlikely(b_contig_data(dbuf, b_head_ofs(dbuf)) < fconn->drl)) {
if (unlikely(b_contig_data(dbuf, 0) < fconn->drl)) {
/* Realign the dmux buffer if the record wraps. It is unexpected
* at this stage because it should be the first record received
* from the FCGI application.