commit 683694ea3667ddec26f0e0d570155d4adbecce7c
author Christopher Faulet <cfaulet@haproxy.com> Tue Sep 03 22:22:12 2019 +0200
committer Christopher Faulet <cfaulet@haproxy.com> Wed Sep 04 10:41:49 2019 +0200
tree eefa30269ced8343f5356ab27344f3b4628fcba1
parent 554b3bc5a387058d4cd63f6dfa7d0e48d96e9c49

BUG/MEDIUM: cache: Don't cache objects if the size of headers is too big

HTTP responses with headers than impinge upon the reserve must not be
cached. Otherwise, there is no warranty to have enough space to add the header
"Age" when such cached responses are delivered.

This patch must be backported to 2.0 and 1.9. For these versions, the same must
be done for the legacy HTTP mode.

(cherry picked from commit b066747107bc27b6b94cec794cd76f12c5588795)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>

[Cf: The same was also done for the legacy HTTP mode]

src/cache.c

diff --git a/src/cache.c b/src/cache.c
index d23fe35..06bccb9 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -721,6 +721,7 @@
 	if (IS_HTX_STRM(s)) {
 		struct htx *htx = htxbuf(&s->res.buf);
 		struct http_hdr_ctx ctx;
+		size_t hdrs_len = 0;
 		int32_t pos;
 
 		/* Do not cache too big objects. */
@@ -755,11 +756,17 @@
 			enum htx_blk_type type = htx_get_blk_type(blk);
 			uint32_t sz = htx_get_blksz(blk);
 
+			hdrs_len += sizeof(*blk) + sz;
 			chunk_memcat(&trash, (char *)&blk->info, sizeof(blk->info));
 			chunk_memcat(&trash, htx_get_blk_ptr(htx, blk), sz);
 			if (type == HTX_BLK_EOH)
 				break;
 		}
+
+		/* Do not cache objects if the headers are too big. */
+		if (hdrs_len > htx->size - global.tune.maxrewrite)
+			goto out;
+
 	}
 	else {
 		struct hdr_ctx ctx;
@@ -789,6 +796,10 @@
 			}
 			http_remove_header2(msg, &txn->hdr_idx, &ctx);
 		}
+
+		/* Do not cache objects if the headers are too big. */
+		if (msg->sov > c_size(txn->rsp.chn) - global.tune.maxrewrite)
+			goto out;
 	}
 
 	shctx_lock(shctx);