Guard against hash collisions in the vtp code

We use the first 64bit of a sha256 as our pool id, assuming that those are safe enough against collisions. Ensure we do not fail on that assumption. This also makes it a caller error to deliberately use the same pool id for different endpoints. As this was not possible before the id change, I do not consider it a regression. Ref: ec70dbc7

Guard against hash collisions in the vtp code
We use the first 64bit of a sha256 as our pool id, assuming that those are safe enough against collisions. Ensure we do not fail on that assumption. This also makes it a caller error to deliberately use the same pool id for different endpoints. As this was not possible before the id change, I do not consider it a regression. Ref: ec70dbc7
685a5786 · Nils Goroll · b0858dde · 685a5786
Commit 685a5786 authored Oct 30, 2019 by Nils Goroll
Hide whitespace changes
Inline Side-by-side

Showing with 15 additions and 3 deletions

cache_tcp_pool.c bin/varnishd/cache/cache_tcp_pool.c +15 -3

No files found.
--- a/bin/varnishd/cache/cache_tcp_pool.c
+++ b/bin/varnishd/cache/cache_tcp_pool.c
@@ -685,12 +685,24 @@ VTP_Ref(const struct suckaddr *ip4, const struct suckaddr *ip6, const char *uds,
 	    (uds == NULL && (ip4 != NULL || ip6 != NULL)));

 	cp = VCP_Ref(id);
-	if (cp != NULL)
+	if (cp != NULL) {
+		tp = cp->priv;
+		CHECK_OBJ_NOTNULL(tp, TCP_POOL_MAGIC);
+
+		if (uds != NULL) {
+			AN(tp->uds);
+			AZ(strcmp(tp->uds, uds));
+		}
+		if (ip4 != NULL)
+			AZ(VSA_Compare(tp->ip4, ip4));
+		if (ip6 != NULL)
+			AZ(VSA_Compare(tp->ip6, ip6));
 		return (cp->priv);
+	}

 	/*
-	 * this is racy - we could end up with additional pools on the same id /
-	 * destination address with just a single connection
+	 * this is racy - we could end up with additional pools on the same id
+	 * with just a single connection
 	 */
 	ALLOC_OBJ(tp, TCP_POOL_MAGIC);
 	AN(tp);