You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by zw...@apache.org on 2017/03/09 18:03:10 UTC
[trafficserver] 03/03: heap-use-after-free: Access ua_session after
HttpTunnel::chain_abort_all called due to bad post chunked data
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch 7.1.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
commit 1f514da8e3e78c235d338390c5239c601aa637a5
Author: Oknet Xu <xu...@skyguard.com.cn>
AuthorDate: Tue Feb 28 22:50:31 2017 +0800
heap-use-after-free: Access ua_session after HttpTunnel::chain_abort_all called due to bad post chunked data
(cherry picked from commit e100051f29f08ebdac083cf93d7fa9c5b0435f87)
---
proxy/http/HttpSM.cc | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/proxy/http/HttpSM.cc b/proxy/http/HttpSM.cc
index 7302959..de4b87b 100644
--- a/proxy/http/HttpSM.cc
+++ b/proxy/http/HttpSM.cc
@@ -5723,7 +5723,8 @@ HttpSM::do_setup_post_tunnel(HttpVC_t to_vc_type)
// If we're half closed, we got a FIN from the client. Forward it on to the origin server
// now that we have the tunnel operational.
- if (ua_session->get_half_close_flag()) {
+ // HttpTunnel could broken due to bad chunked data and close all vc by chain_abort_all().
+ if (p->handler_state != HTTP_SM_POST_UA_FAIL && ua_session->get_half_close_flag()) {
p->vc->do_io_shutdown(IO_SHUTDOWN_READ);
}
}
--
To stop receiving notification emails like this one, please contact
"commits@trafficserver.apache.org" <co...@trafficserver.apache.org>.