You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by du...@apache.org on 2018/09/12 18:50:50 UTC

[trafficserver] branch master updated: heap use after free

This is an automated email from the ASF dual-hosted git repository.

duke8253 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
     new 480ba87  heap use after free
480ba87 is described below

commit 480ba87c17badad20a20d85f88c8a992b893cfe0
Author: Fei Deng <du...@gmail.com>
AuthorDate: Wed Sep 12 10:03:19 2018 -0500

    heap use after free
---
 proxy/http/HttpTransact.cc | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/proxy/http/HttpTransact.cc b/proxy/http/HttpTransact.cc
index a861e60..76187b6 100644
--- a/proxy/http/HttpTransact.cc
+++ b/proxy/http/HttpTransact.cc
@@ -8146,7 +8146,12 @@ HttpTransact::client_result_stat(State *s, ink_hrtime total_time, ink_hrtime req
   ///////////////////////////////////////////////////////
   // don't count errors we generated as hits or misses //
   ///////////////////////////////////////////////////////
-  if ((s->source == SOURCE_INTERNAL) && (s->hdr_info.client_response.status_get() >= 400)) {
+  int client_response_status = HTTP_STATUS_NONE;
+  if (s->hdr_info.client_response.valid()) {
+    client_response_status = s->hdr_info.client_response.status_get();
+  }
+
+  if ((s->source == SOURCE_INTERNAL) && client_response_status >= 400) {
     client_transaction_result = CLIENT_TRANSACTION_RESULT_ERROR_OTHER;
   }
 
@@ -8241,9 +8246,8 @@ HttpTransact::client_result_stat(State *s, ink_hrtime total_time, ink_hrtime req
   }
   // Count the status codes, assuming the client didn't abort (i.e. there is an m_http)
   if ((s->source != SOURCE_NONE) && (s->client_info.abort == DIDNOT_ABORT)) {
-    int status_code = s->hdr_info.client_response.status_get();
 
-    switch (status_code) {
+    switch (client_response_status) {
     case 100:
       HTTP_INCREMENT_DYN_STAT(http_response_status_100_count_stat);
       break;
@@ -8364,7 +8368,7 @@ HttpTransact::client_result_stat(State *s, ink_hrtime total_time, ink_hrtime req
     default:
       break;
     }
-    switch (status_code / 100) {
+    switch (client_response_status / 100) {
     case 1:
       HTTP_INCREMENT_DYN_STAT(http_response_status_1xx_count_stat);
       break;