1. 24 Aug, 2021 2 commits
  2. 23 Aug, 2021 3 commits
  3. 21 Aug, 2021 2 commits
  4. 20 Aug, 2021 10 commits
  5. 19 Aug, 2021 6 commits
  6. 17 Aug, 2021 17 commits
    • Dridi Boukelmoune's avatar
      vcc: Flexelint still thinks sym could be null · 00eaed81
      Dridi Boukelmoune authored
      When we check sym->wildcard for quoted headers.
      00eaed81
    • Dridi Boukelmoune's avatar
      vcl: Allow header names to be quoted · c71ab01e
      Dridi Boukelmoune authored
      Because we funnel HTTP header names through the symbol table they have
      to be valid VCL identifiers. It means that we can't support all valid
      header names, which are tokens in the HTTP grammar. To finally close this
      loophole without the help of a VMOD we allow header names to be quoted:
      
          req.http.regular-header
          req.http."quoted.header"
      
      However we don't want to allow any component of a symbol to be quoted:
      
          req."http".we-dont-want-this
      
      So we teach the symbol table that wildcard symbols may be quoted. There
      used to be several use cases for wildcards but it is now limited to HTTP
      headers.
      
      Refs #3246
      Refs #3379
      c71ab01e
    • Poul-Henning Kamp's avatar
    • Poul-Henning Kamp's avatar
      dfbc77ac
    • Poul-Henning Kamp's avatar
    • Dridi Boukelmoune's avatar
      5d7511cf
    • Dridi Boukelmoune's avatar
      v1l: Prevent conceptual use-after-free · 9f1d6a90
      Dridi Boukelmoune authored
      The miniobj resides in the workspace it's rolling back. To preserve its
      zeroing we need to roll back afterwards.
      9f1d6a90
    • Dridi Boukelmoune's avatar
      busyobj: Plug conceptual leak · 246b1eb1
      Dridi Boukelmoune authored
      It's harmless with a regular workspace, but technically we are leaving
      outstanding allocations in the workspace.
      246b1eb1
    • Dridi Boukelmoune's avatar
      sess: Plug conceptual leak · ce71896a
      Dridi Boukelmoune authored
      It's harmless with a regular workspace, but technically we are leaving
      outstanding allocations in the workspace.
      ce71896a
    • Dridi Boukelmoune's avatar
      req: Prevent early rollback · 0632b846
      Dridi Boukelmoune authored
      After a cleanup we may still use the request's workspace, so the final
      rollback should instead happen at release time before we give the memory
      back to the pool.
      0632b846
    • Dridi Boukelmoune's avatar
      panic: Optionally track miniobjs · 0b32af6d
      Dridi Boukelmoune authored
      PAN_dump_struct2() is now renamed to PAN__DumpStruct() following the
      guidelines from apispaces.rst in addition to growing a track argument.
      This should allow dumping structures that we know ought to be dumped
      only once, in case they would be numerous.
      
      There seems to be no good reason to expose it to VMODs yet since they
      have no integration point with the panic output, so those definitions
      can be confined in cache_varnishd.h for now.
      
      Better diff with the --ignore-all-space option.
      0b32af6d
    • Dridi Boukelmoune's avatar
      wrk: Track workers to dump them during a panic · 3fc78478
      Dridi Boukelmoune authored
      In the most common case of a VCL transaction panicking this should only
      result in an extra "Already dumped, see above" message, but it may give
      more insights for other kinds of tasks.
      3fc78478
    • Dridi Boukelmoune's avatar
      ws: New WS_Dump() facility · 343e680a
      Dridi Boukelmoune authored
      Getting rid of the very last direct access inside struct ws from
      vmod_vtc.
      343e680a
    • Dridi Boukelmoune's avatar
      vca: Prevent conceptual workspace use-after-release · 1d140b1a
      Dridi Boukelmoune authored
      Releasing a reservation or rolling back too early is harmless as long as
      nothing is allocated on the workspace that could overwrite its contents.
      
      Once you swap the workspace in its current form with a different kind of
      allocator it can turn into effective use-after-free, if rolled back or
      released state doesn't linger.
      1d140b1a
    • Dridi Boukelmoune's avatar
      ws: Reserve the requested size · 94337ba5
      Dridi Boukelmoune authored
      Instead of guaranteeing the pointer alignment of ws->r at the expense of
      sometimes reserving more than requested, we can instead drop the pointer
      alignment requirement since that does not refer to the beginning of the
      allocation.
      
      Instead, it is in WS_Release() that we guarantee that the ws->f remains
      aligned for the next allocation. And WS_Release() already did that so we
      might as well avoid the potential overcommit from WS_ReserveSize().
      
      This is going to be helpful for a workspace emulator, to make sure that
      the alignment overhead wouldn't allow off-by-little overflows to sneak
      past the address sanitizer. This very change was initially made for a
      workspace sanitizer.
      
      It is also a good occasion to make the relevant checks around the ws->r
      pointer in WS_Assert().
      
      This change is visible in r03131.vtc that now exhibits this behavior.
      
      Refs #3320
      94337ba5
    • Dridi Boukelmoune's avatar
      ws: Forbid zero-length allocations · 4c9e068d
      Dridi Boukelmoune authored
      Not even failing to allocate, but outright panicking.
      4c9e068d
    • Dridi Boukelmoune's avatar
      ws: Remove deprecated WS_Front() · 46d9e79e
      Dridi Boukelmoune authored
      46d9e79e