You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficserver.apache.org by "Sudheer Vinukonda (JIRA)" <ji...@apache.org> on 2015/03/11 23:50:38 UTC
[jira] [Commented] (TS-3438) npn list being created with garbage
data
[ https://issues.apache.org/jira/browse/TS-3438?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14357750#comment-14357750 ]
Sudheer Vinukonda commented on TS-3438:
---------------------------------------
The code below doesn't check if {{ep->protocol}} is non-empty. It is still unclear how it could be empty though.
https://github.com/apache/trafficserver/blob/master/iocore/net/SSLNextProtocolSet.cc#L57
Adding an assert to check that the protocol is always valid (non-empty).
{code}
diff --git a/iocore/net/SSLNextProtocolSet.cc b/iocore/net/SSLNextProtocolSet.cc
index acfec7f..e6e5434 100644
--- a/iocore/net/SSLNextProtocolSet.cc
+++ b/iocore/net/SSLNextProtocolSet.cc
@@ -56,6 +56,7 @@ create_npn_advertisement(
*len = 0;
for (ep = endpoints.head; ep != NULL; ep = endpoints.next(ep)) {
+ ink_release_assert((strlen(ep->protocol) > 0));
*len += (strlen(ep->protocol) + 1);
}
{code}
> npn list being created with garbage data
> ----------------------------------------
>
> Key: TS-3438
> URL: https://issues.apache.org/jira/browse/TS-3438
> Project: Traffic Server
> Issue Type: Bug
> Components: SSL
> Reporter: Sudheer Vinukonda
>
> We noticed that occasionally upon a restart, the npn list built by ATS has garbage data (additional null bytes), resulting in the client failing to decode the ServerHello correctly. The problem would always go away with a restart and is hard to reproduce.
> Here's a trace that shows the good vs bad npn lists in the ServerHello:
> bad npn list (with spdy and http enabled):
> {code}
> Extension: next_protocol_negotiation
> Type: next_protocol_negotiation (0x3374)
> Length: 36
> Next Protocol Negotiation
> Protocol string length: 8
> Next Protocol: spdy/3.1
> Protocol string length: 6
> Next Protocol: spdy/3
> Protocol string length: 8
> Next Protocol: http/1.1
> Protocol string length: 8
> Next Protocol: http/1.0
> Protocol string length: 0
> Protocol string length: 0
> {code}
> good npn list:
> {code}
> Extension: next_protocol_negotiation
> Type: next_protocol_negotiation (0x3374)
> Length: 34
> Next Protocol Negotiation
> Protocol string length: 8
> Next Protocol: spdy/3.1
> Protocol string length: 6
> Next Protocol: spdy/3
> Protocol string length: 8
> Next Protocol: http/1.1
> Protocol string length: 8
> Next Protocol: http/1.0
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)