- 08 Dec, 2022 1 commit
-
-
Dridi Boukelmoune authored
Otherwise a long banner may throw expectations off by one line. Fixes #3877
-
- 06 Dec, 2022 5 commits
-
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
Neither Martin nor I can remember why this was uintptr_t in the first place, and there is no signs of pointers anywhere nearby.
-
Walid Boudebouda authored
Refs #3874
-
- 05 Dec, 2022 7 commits
-
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
Dridi Boukelmoune authored
-
Dridi Boukelmoune authored
It makes no sense to emit this just before we end the transaction, except to help varnishncsa find the client IP address.
-
Poul-Henning Kamp authored
-
Dridi Boukelmoune authored
Upon success we expect a non-null pointer, and to make sure this is not residual uninitialized stack memory, it is null'd beforehand. /bin/varnishd/cache/cache_acceptor.c: 375 in vca_mk_tcp() 369 { 370 struct suckaddr *sa; 371 ssize_t sz; 372 373 AN(SES_Reserve_remote_addr(sp, &sa, &sz)); 374 assert(sz == vsa_suckaddr_len); >>> CID 1517259: Resource leaks (RESOURCE_LEAK) >>> Failing to save or free storage allocated by "VSA_Build(sa, &wa->acceptaddr, wa->acceptaddrlen)" leaks it. 375 AN(VSA_Build(sa, &wa->acceptaddr, wa->acceptaddrlen)); 376 sp->sattr[SA_CLIENT_ADDR] = sp->sattr[SA_REMOTE_ADDR]; It is precisely because we reserve the space to store the built suckaddr that there won't be a malloc() call made behind our back. For some reason, it only complained about one call site.
-
Dridi Boukelmoune authored
-
- 30 Nov, 2022 6 commits
-
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
Inspired by: CHERI
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
Spotted as always: by Dridi
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
- 29 Nov, 2022 2 commits
-
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
- 28 Nov, 2022 10 commits
-
-
Poul-Henning Kamp authored
-
Dridi Boukelmoune authored
The matching regular expression did not align with the substitution regular expression. Refs d2e526ce
-
Dridi Boukelmoune authored
-
Poul-Henning Kamp authored
-
AlveElde authored
Avoid marking an object as an IMS candidate when a weak Last-Modified header is the only validator. In the case where there is an ETag AND a weak Last-Modified header, add a If-None-Match header, but do not add an If-Modified-Since header.
-
AlveElde authored
Per RFC9110, the Last-Modified header is not a strong validator unless it is at least one second older than the Date header. This is to prevent revalidating content that has been changed within a second of the last response. In the case of an intermediate cache like Varnish, a weak Last-Modified validator is "weaker" than a weak ETag, and should not be used for revalidating content.
-
AlveElde authored
This commit prepares varnishtest for a change to Varnish revalidations, where the Last-Modified header must be at least one second older than the Date header for Varnish to send an If-Modified-Since header. Any explicitly defined Date header will override the default, and the Date header can be omitted with -nodate.
-
AlveElde authored
-
Nils Goroll authored
Motivated by #3868
-
Dridi Boukelmoune authored
Spotted by GCC's fortification level 3.
-
- 26 Nov, 2022 2 commits
-
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
- 25 Nov, 2022 2 commits
-
-
Poul-Henning Kamp authored
-
Poul-Henning Kamp authored
-
- 22 Nov, 2022 2 commits
-
-
Dridi Boukelmoune authored
As a convenience, the error message includes the actual total length of data being g[un]zipped, in addition to the total_in amount of data processed so far.
-
Dridi Boukelmoune authored
To be consistent with how the file cursor behaves, the close_fd field is duplicated in the mmap cursor. If a VUT replaces stdin's file descriptor with a regular file's fd using dup2(2), we don't want to close it just because we managed to mmap(2) it. For some reason we don't use the closefd() macro in the VSL cursor code, potentially to avoid its underlying assertion in libvarnishapi. On the other hand we do use it in other places: $ git grep -l closefd -- lib/libvarnishapi/ lib/libvarnishapi/daemon.c lib/libvarnishapi/vsm.c So maybe in a subsequent change `(void)close(fd)` statements could turn into `closefd(&fd)` in vsl_cursor.c to harden those code paths as well.
-
- 21 Nov, 2022 3 commits
-
-
Nils Goroll authored
-
Nils Goroll authored
-
Nils Goroll authored
-