BUG/MAJOR: htx: Return the good block address after a defrag
When an HTX structure is defragmented, it is possible to retrieve the new block
corresponding to an old one. This is useful to do a defrag during a loop on
blocks, to be sure to continue looping on the good block. But, instead of
returning the address of the new block in the HTX structure, the one in the
temporary structure used to do the defrag was returned, leading to unexpected
behaviours.
This patch must be backported to 1.9.
diff --git a/src/htx.c b/src/htx.c
index bda293b..83243e0 100644
--- a/src/htx.c
+++ b/src/htx.c
@@ -26,13 +26,15 @@
struct buffer *chunk = get_trash_chunk();
struct htx *tmp = htxbuf(chunk);
struct htx_blk *newblk, *oldblk;
- uint32_t new, old;
+ uint32_t new, old, blkpos;
uint32_t addr, blksz;
int32_t sl_off = -1;
if (!htx->used)
return NULL;
+ blkpos = -1;
+
new = 0;
addr = 0;
tmp->size = htx->size;
@@ -54,13 +56,14 @@
if (htx->sl_off == oldblk->addr)
sl_off = addr;
+ /* if <blk> is defined, set its new position */
+ if (blk != NULL && blk == oldblk)
+ blkpos = new;
+
memcpy((void *)tmp->blocks + addr, htx_get_blk_ptr(htx, oldblk), blksz);
new++;
addr += blksz;
- /* if <blk> is defined, set its new location */
- if (blk != NULL && blk == oldblk)
- blk = newblk;
} while (new < htx->used);
htx->sl_off = sl_off;
@@ -68,7 +71,7 @@
htx->front = htx->tail = new - 1;
memcpy((void *)htx->blocks, (void *)tmp->blocks, htx->size);
- return blk;
+ return ((blkpos == -1) ? NULL : htx_get_blk(htx, blkpos));
}
/* Reserves a new block in the HTTP message <htx> with a content of <blksz>