MINOR: hq_interop: Stop BUG_ON() truncated streams

This is required if we do not want to make haproxy crash during zerortt interop runner test which makes a client open multiple streams with long request paths.
2026-04-23 07:08:06 -04:00 · 2021-12-15 22:38:48 +01:00 · 2021-12-15 22:38:48 +01:00 · afd373c232
commit afd373c232
parent 3fe7df877d
1 changed files with 33 additions and 8 deletions
--- a/src/hq_interop.c
+++ b/src/hq_interop.c
@ -17,23 +17,48 @@ static int hq_interop_decode_qcs(struct qcs *qcs, int fin, void *ctx)
 	struct conn_stream *cs;
 	struct buffer htx_buf = BUF_NULL;
 	struct ist path;
-	char *ptr;
+	char *ptr = b_head(rxbuf);
+	char *end = b_wrap(rxbuf);
+	size_t size = b_size(rxbuf);
+	size_t data = b_data(rxbuf);

 	b_alloc(&htx_buf);
 	htx = htx_from_buf(&htx_buf);

 	/* skip method */
-	ptr = b_orig(rxbuf);
-	while (HTTP_IS_TOKEN(*ptr))
-		++ptr;
-	BUG_ON(!HTTP_IS_SPHT(*ptr));
-	++ptr;
+	while (data && HTTP_IS_TOKEN(*ptr)) {
+		if (++ptr == end)
+			ptr -= size;
+		data--;
+	}
+
+	if (!data || !HTTP_IS_SPHT(*ptr)) {
+		fprintf(stderr, "truncated stream\n");
+		return 0;
+	}
+
+	if (++ptr == end)
+		ptr -= size;
+
+	if (!--data) {
+		fprintf(stderr, "truncated stream\n");
+		return 0;
+	}

 	/* extract path */
 	BUG_ON(HTTP_IS_LWS(*ptr));
 	path.ptr = ptr;
-	while (!HTTP_IS_LWS(*ptr))
-		++ptr;
+	while (data && !HTTP_IS_LWS(*ptr)) {
+		if (++ptr == end)
+			ptr -= size;
+		data--;
+	}
+
+	if (!data) {
+		fprintf(stderr, "truncated stream\n");
+		return 0;
+	}
+
 	BUG_ON(!HTTP_IS_LWS(*ptr));
 	path.len = ptr - path.ptr;