Skip to content

V
varnish-cache
Commit 8e238e95 authored by Poul-Henning Kamp's avatar Poul-Henning Kamp
Browse files
Options

If we cannot even make sense of the request, don't bother with 

attempting a reply.

Fixes #561



git-svn-id: http://www.varnish-cache.org/svn/trunk@4263 d4fa192b-c00b-0410-8231-f00ffab90ce4
parent 0cd1d1b5
Show whitespace changes
Inline Side-by-side
Showing with 37 additions and 21 deletions
bin/varnishd/cache_center.c
View file @ 8e238e95
...@@ -1093,6 +1093,13 @@ cnt_start(struct sess *sp) ...@@ -1093,6 +1093,13 @@ cnt_start(struct sess *sp)
http_Setup(sp->http, sp->ws); http_Setup(sp->http, sp->ws);
done = http_DissectRequest(sp); done = http_DissectRequest(sp);
/* If we could not even parse the request, just close */
if (done < 0) {
sp->step = STP_DONE;
vca_close_session(sp, "junk");
return (0);
}
/* Catch request snapshot */ /* Catch request snapshot */
sp->ws_req = WS_Snapshot(sp->ws); sp->ws_req = WS_Snapshot(sp->ws);
......
bin/varnishd/cache_http.c
View file @ 8e238e95
...@@ -406,7 +406,7 @@ http_splitline(struct worker *w, int fd, struct http *hp, ...@@ -406,7 +406,7 @@ http_splitline(struct worker *w, int fd, struct http *hp,
q = p; q = p;
for (; !vct_issp(*p); p++) { for (; !vct_issp(*p); p++) {
if (vct_isctl(*p)) if (vct_isctl(*p))
return (400); return (-1);
} }
hp->hd[h1].b = q; hp->hd[h1].b = q;
hp->hd[h1].e = p; hp->hd[h1].e = p;
...@@ -414,14 +414,14 @@ http_splitline(struct worker *w, int fd, struct http *hp, ...@@ -414,14 +414,14 @@ http_splitline(struct worker *w, int fd, struct http *hp,
/* Skip SP */ /* Skip SP */
for (; vct_issp(*p); p++) { for (; vct_issp(*p); p++) {
if (vct_isctl(*p)) if (vct_isctl(*p))
return (400); return (-1);
} }
/* Second field cannot contain LWS or CTL */ /* Second field cannot contain LWS or CTL */
q = p; q = p;
for (; !vct_islws(*p); p++) { for (; !vct_islws(*p); p++) {
if (vct_isctl(*p)) if (vct_isctl(*p))
return (400); return (-1);
} }
hp->hd[h2].b = q; hp->hd[h2].b = q;
hp->hd[h2].e = p; hp->hd[h2].e = p;
...@@ -432,7 +432,7 @@ http_splitline(struct worker *w, int fd, struct http *hp, ...@@ -432,7 +432,7 @@ http_splitline(struct worker *w, int fd, struct http *hp,
/* Skip SP */ /* Skip SP */
for (; vct_issp(*p); p++) { for (; vct_issp(*p); p++) {
if (vct_isctl(*p)) if (vct_isctl(*p))
return (400); return (-1);
} }
/* Third field is optional and cannot contain CTL */ /* Third field is optional and cannot contain CTL */
...@@ -440,7 +440,7 @@ http_splitline(struct worker *w, int fd, struct http *hp, ...@@ -440,7 +440,7 @@ http_splitline(struct worker *w, int fd, struct http *hp,
if (!vct_iscrlf(*p)) { if (!vct_iscrlf(*p)) {
for (; !vct_iscrlf(*p); p++) for (; !vct_iscrlf(*p); p++)
if (vct_isctl(*p)) if (vct_isctl(*p))
return (400); return (-1);
} }
hp->hd[h3].b = q; hp->hd[h3].b = q;
hp->hd[h3].e = p; hp->hd[h3].e = p;
......
bin/varnishtest/tests/r00354.vtc deleted 100644 → 0
View file @ 0cd1d1b5
# $Id$
test "#354 Segfault in strcmp in http_DissectRequest()"
server s1 {
rxreq
txresp
}
varnish v1 -vcl+backend {} -start
client c1 {
send "FOO\r\n\r\n"
rxresp
expect resp.status == 400
} -run
bin/varnishtest/tests/r00561.vtc 0 → 100644
View file @ 8e238e95
# $Id$
test "Junk request should not go to vcl_error"
server s1 {
rxreq
txresp
} -start
varnish v1 -vcl+backend {
sub vcl_error {
return (restart);
}
} -start
client c1 {
send "sljdslf\r\n\r\n"
delay .1
} -run
client c1 {
txreq
rxresp
} -run
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment