If we get an illegal og bogus Vary: header from the backend,

turn the transaction into a "pass" and complain in VSL. Previously we faulted the fetch, but that was overly draconian.

If we get an illegal og bogus Vary: header from the backend,
turn the transaction into a "pass" and complain in VSL. Previously we faulted the fetch, but that was overly draconian.
0c3acbd6 · Poul-Henning Kamp · 0ad12998 · 0c3acbd6 · 0c3acbd6 · 0c3acbd6
Commit 0c3acbd6 authored Jul 04, 2013 by Poul-Henning Kamp
5 changed files
--- a/bin/varnishd/cache/cache_fetch.c
+++ b/bin/varnishd/cache/cache_fetch.c
@@ -232,8 +232,6 @@ vbf_stp_fetch(struct worker *wrk, struct busyobj *bo)
 	CHECK_OBJ_NOTNULL(bo, BUSYOBJ_MAGIC);

 	assert(wrk->handling == VCL_RET_DELIVER);
-	if (bo->uncacheable)
-		bo->fetch_objcore->flags |= OC_F_PASS;

 	/*
 	 * The VCL variables beresp.do_g[un]zip tells us how we want the
@@ -307,17 +305,23 @@ vbf_stp_fetch(struct worker *wrk, struct busyobj *bo)
 			assert(varyl == VSB_len(vary));
 			l += varyl;
 		} else if (varyl < 0) {
-			/* Vary parse error */
+			/*
+			 * Vary parse error
+			 * Complain about it, and make this a pass.
+			 */
+			VSLb(bo->vsl, SLT_Error,
+			    "Illegal 'Vary' header from backend, "
+			    "making this a pass.");
+			bo->uncacheable = 1;
 			AZ(vary);
-			AZ(HSH_Deref(&wrk->stats, bo->fetch_objcore, NULL));
-			bo->fetch_objcore = NULL;
-			VDI_CloseFd(&bo->vbc);
-			return (F_STP_ABANDON);
 		} else
 			/* No vary */
 			AZ(vary);
 	}

+	if (bo->uncacheable)
+		bo->fetch_objcore->flags |= OC_F_PASS;
+
 	if (bo->exp.ttl < cache_param->shortlived || bo->uncacheable == 1)
 		bo->storage_hint = TRANSIENT_STORAGE;


--- a/bin/varnishd/flint.lnt
+++ b/bin/varnishd/flint.lnt
@@ -169,3 +169,5 @@
 -e747	// 297 Significant prototype coercion (___) ___ to ___
 -e840	// Use of nul character in a string literal (see: vcc_if.c)
 -e663	// Suspicious array to pointer conversion
+-e778   // Constant expression evaluates to 0 in operation '___'
+
--- a/bin/varnishtest/tests/r00763.vtc
+++ b/bin/varnishtest/tests/r00763.vtc
@@ -3,6 +3,8 @@ varnishtest "Vary header with extra colon"
 server s1 {
 	rxreq
 	txresp -hdr "Vary:: foo" -hdr "Foo: bar" -bodylen 9
+	rxreq
+	txresp -hdr "Vary:: foo" -hdr "Foo: bar" -bodylen 8
 } -start

 varnish v1 -vcl+backend {} -start
@@ -10,5 +12,10 @@ varnish v1 -vcl+backend {} -start
 client c1 {
 	txreq
 	rxresp
-	expect resp.status == 503
+	expect resp.status == 200
+	expect resp.bodylen == 9
+	txreq
+	rxresp
+	expect resp.status == 200
+	expect resp.bodylen == 8
 } -run
--- a/bin/varnishtest/tests/r01274.vtc
+++ b/bin/varnishtest/tests/r01274.vtc
@@ -3,7 +3,10 @@ varnishtest "#1274 - panic when Vary field-name is too large to fit in a signed
 server s1 {
       rxreq
       # Vary header more than 127 characters long
-       txresp -hdr "Vary: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" 
+       txresp -hdr "Vary: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" -bodylen 9
+       rxreq
+       # Vary header more than 127 characters long
+       txresp -hdr "Vary: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" -bodylen 8
 } -start

 varnish v1 -vcl+backend { } -start
@@ -11,5 +14,10 @@ varnish v1 -vcl+backend { } -start
 client c1 {
       txreq
       rxresp
-       expect resp.status == 503
+       expect resp.status == 200
+       expect resp.bodylen == 9
+       txreq
+       rxresp
+       expect resp.status == 200
+       expect resp.bodylen == 8
 } -run
--- a/bin/varnishtest/tests/r01275.vtc
+++ b/bin/varnishtest/tests/r01275.vtc
@@ -10,5 +10,5 @@ varnish v1 -vcl+backend { } -start
 client c1 {
       txreq
       rxresp
-       expect resp.status == 503
+       expect resp.status == 200
 } -run