You are viewing a plain text version of this content. The canonical link for it is here.

Posted to github@trafficserver.apache.org by GitBox <gi...@apache.org> on 2021/07/19 15:38:42 UTC

[GitHub] [trafficserver] SolidWallOfCode opened a new pull request #8080: Fix length bug in validate_unmapped_url_path

SolidWallOfCode opened a new pull request #8080:
URL: https://github.com/apache/trafficserver/pull/8080


   This was the cause of some crashes in production. The host length has been adjusted for skipping the scheme but the path length has not, so using the latter causes the search to proceed beyond the end of the string. The result is if there is no '/' in the URL but there is a '/' within a few characters of the end of the URL, that '/' will be found leading to negative lengths being stored and thence `assert` failures dues to the logging output being too small.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] SolidWallOfCode commented on pull request #8080: Fix length bug in validate_unmapped_url_path

Posted by GitBox <gi...@apache.org>.

SolidWallOfCode commented on pull request #8080:
URL: https://github.com/apache/trafficserver/pull/8080#issuecomment-962503674


   [approve ci AuTest]


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] bryancall commented on pull request #8080: Fix length bug in validate_unmapped_url_path

Posted by GitBox <gi...@apache.org>.

bryancall commented on pull request #8080:
URL: https://github.com/apache/trafficserver/pull/8080#issuecomment-882924407


   @vmamidi is going to take a look at it


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] SolidWallOfCode commented on a change in pull request #8080: Fix length bug in validate_unmapped_url_path

Posted by GitBox <gi...@apache.org>.

SolidWallOfCode commented on a change in pull request #8080:
URL: https://github.com/apache/trafficserver/pull/8080#discussion_r744174854



##########
File path: proxy/logging/LogAccess.cc
##########
@@ -1505,7 +1505,7 @@ LogAccess::validate_unmapped_url_path()
           // Attempt to find first '/' in the path
           if (m_client_req_unmapped_url_host_len > 0 &&
               (c = static_cast<char *>(
-                 memchr((void *)m_client_req_unmapped_url_host_str, '/', m_client_req_unmapped_url_path_len))) != nullptr) {
+                 memchr((void *)m_client_req_unmapped_url_host_str, '/', m_client_req_unmapped_url_host_len))) != nullptr) {

Review comment:
       Oh, that'd be very challenging.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] SolidWallOfCode removed a comment on pull request #8080: Fix length bug in validate_unmapped_url_path

Posted by GitBox <gi...@apache.org>.

SolidWallOfCode removed a comment on pull request #8080:
URL: https://github.com/apache/trafficserver/pull/8080#issuecomment-962503674


   [approve ci AuTest]


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] SolidWallOfCode commented on pull request #8080: Fix length bug in validate_unmapped_url_path

Posted by GitBox <gi...@apache.org>.

SolidWallOfCode commented on pull request #8080:
URL: https://github.com/apache/trafficserver/pull/8080#issuecomment-962503640


   [ci approve AuTest]


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] bneradt commented on a change in pull request #8080: Fix length bug in validate_unmapped_url_path

Posted by GitBox <gi...@apache.org>.

bneradt commented on a change in pull request #8080:
URL: https://github.com/apache/trafficserver/pull/8080#discussion_r672441521



##########
File path: proxy/logging/LogAccess.cc
##########
@@ -1505,7 +1505,7 @@ LogAccess::validate_unmapped_url_path()
           // Attempt to find first '/' in the path
           if (m_client_req_unmapped_url_host_len > 0 &&
               (c = static_cast<char *>(
-                 memchr((void *)m_client_req_unmapped_url_host_str, '/', m_client_req_unmapped_url_path_len))) != nullptr) {
+                 memchr((void *)m_client_req_unmapped_url_host_str, '/', m_client_req_unmapped_url_host_len))) != nullptr) {

Review comment:
       Is there a catch test that can be added as a regression test for this?




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] SolidWallOfCode removed a comment on pull request #8080: Fix length bug in validate_unmapped_url_path

Posted by GitBox <gi...@apache.org>.

SolidWallOfCode removed a comment on pull request #8080:
URL: https://github.com/apache/trafficserver/pull/8080#issuecomment-962503562


   [ci approve autest]


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] bneradt commented on a change in pull request #8080: Fix length bug in validate_unmapped_url_path

Posted by GitBox <gi...@apache.org>.

bneradt commented on a change in pull request #8080:
URL: https://github.com/apache/trafficserver/pull/8080#discussion_r672441521



##########
File path: proxy/logging/LogAccess.cc
##########
@@ -1505,7 +1505,7 @@ LogAccess::validate_unmapped_url_path()
           // Attempt to find first '/' in the path
           if (m_client_req_unmapped_url_host_len > 0 &&
               (c = static_cast<char *>(
-                 memchr((void *)m_client_req_unmapped_url_host_str, '/', m_client_req_unmapped_url_path_len))) != nullptr) {
+                 memchr((void *)m_client_req_unmapped_url_host_str, '/', m_client_req_unmapped_url_host_len))) != nullptr) {

Review comment:
       Is there a catch test that can be added as a regression test for this?




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] bneradt commented on a change in pull request #8080: Fix length bug in validate_unmapped_url_path

Posted by GitBox <gi...@apache.org>.

bneradt commented on a change in pull request #8080:
URL: https://github.com/apache/trafficserver/pull/8080#discussion_r672441521



##########
File path: proxy/logging/LogAccess.cc
##########
@@ -1505,7 +1505,7 @@ LogAccess::validate_unmapped_url_path()
           // Attempt to find first '/' in the path
           if (m_client_req_unmapped_url_host_len > 0 &&
               (c = static_cast<char *>(
-                 memchr((void *)m_client_req_unmapped_url_host_str, '/', m_client_req_unmapped_url_path_len))) != nullptr) {
+                 memchr((void *)m_client_req_unmapped_url_host_str, '/', m_client_req_unmapped_url_host_len))) != nullptr) {

Review comment:
       Is there a catch test that can be added as a regression test for this?




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] SolidWallOfCode removed a comment on pull request #8080: Fix length bug in validate_unmapped_url_path

Posted by GitBox <gi...@apache.org>.

SolidWallOfCode removed a comment on pull request #8080:
URL: https://github.com/apache/trafficserver/pull/8080#issuecomment-962503787


   [approve ci autest]


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] SolidWallOfCode commented on pull request #8080: Fix length bug in validate_unmapped_url_path

Posted by GitBox <gi...@apache.org>.

SolidWallOfCode commented on pull request #8080:
URL: https://github.com/apache/trafficserver/pull/8080#issuecomment-962503787


   [approve ci autest]


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] SolidWallOfCode removed a comment on pull request #8080: Fix length bug in validate_unmapped_url_path

Posted by GitBox <gi...@apache.org>.

SolidWallOfCode removed a comment on pull request #8080:
URL: https://github.com/apache/trafficserver/pull/8080#issuecomment-962503640


   [ci approve AuTest]


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] SolidWallOfCode merged pull request #8080: Fix length bug in validate_unmapped_url_path

Posted by GitBox <gi...@apache.org>.

SolidWallOfCode merged pull request #8080:
URL: https://github.com/apache/trafficserver/pull/8080


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] bryancall commented on pull request #8080: Fix length bug in validate_unmapped_url_path

Posted by GitBox <gi...@apache.org>.

bryancall commented on pull request #8080:
URL: https://github.com/apache/trafficserver/pull/8080#issuecomment-882924407


   @vmamidi is going to take a look at it


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] bryancall commented on pull request #8080: Fix length bug in validate_unmapped_url_path

Posted by GitBox <gi...@apache.org>.

bryancall commented on pull request #8080:
URL: https://github.com/apache/trafficserver/pull/8080#issuecomment-882924407


   @vmamidi is going to take a look at it


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [trafficserver] SolidWallOfCode commented on pull request #8080: Fix length bug in validate_unmapped_url_path

Posted by GitBox <gi...@apache.org>.

SolidWallOfCode commented on pull request #8080:
URL: https://github.com/apache/trafficserver/pull/8080#issuecomment-962503562


   [ci approve autest]


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@trafficserver.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org