Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 6ca89162dc881df8fecd7713ca1fe5dbaa66b315^! / . / src / cache.c
commit6ca89162dc881df8fecd7713ca1fe5dbaa66b315[log] [tgz]
authorRemi Tricot-Le Breton <rlebreton@haproxy.com>Thu Jan 07 14:50:51 2021 +0100
committerWilliam Lallemand <wlallemand@haproxy.org>Fri Jan 15 22:33:05 2021 +0100
tree7f07c0bc5fc1e295c3f3ea2b1917615dbb0ed2f0
parentb62b78be131de1848d71350d369deac07daf448a [diff] [blame]
MINOR: cache: Do not store responses with an unknown encoding

If a server varies on the accept-encoding header and it sends a response
with an encoding we do not know (see parse_encoding_value function), we
will not store it. This will prevent unexpected errors caused by
cache collisions that could happen in accept_encoding_hash_cmp.

diff --git a/src/cache.c b/src/cache.c
index 7f6955a..32c99cd 100644
--- a/src/cache.c
+++ b/src/cache.c

@@ -933,8 +933,11 @@
  * Look for the accept-encoding part of the secondary_key and replace the
  * encoding bitmap part of the hash with the actual encoding of the response,
  * extracted from the content-encoding header value.
+ * Responses that have an unknown encoding will not be cached if they also
+ * "vary" on the accept-encoding value.
+ * Returns 0 if we found a known encoding in the response, -1 otherwise.
  */
-static void set_secondary_key_encoding(struct htx *htx, char *secondary_key)
+static int set_secondary_key_encoding(struct htx *htx, char *secondary_key)
 {
 	unsigned int resp_encoding_bitmap = 0;
 	const struct vary_hashing_information *info = vary_information;
@@ -952,13 +955,12 @@
 	}
 
 	if (count == hash_info_count)
-		return;
+		return -1;
 
 	while (http_find_header(htx, ist("content-encoding"), &ctx, 0)) {
-		if (!parse_encoding_value(ctx.value, &encoding_value, NULL))
-			resp_encoding_bitmap |= encoding_value;
-		else
-			resp_encoding_bitmap |= VARY_ENCODING_OTHER;
+		if (parse_encoding_value(ctx.value, &encoding_value, NULL))
+			return -1; /* Do not store responses with an unknown encoding */
+		resp_encoding_bitmap |= encoding_value;
 	}
 
 	if (!resp_encoding_bitmap)
@@ -967,6 +969,8 @@
 	/* Rewrite the bitmap part of the hash with the new bitmap that only
 	 * corresponds the the response's encoding. */
 	write_u32(secondary_key + offset, resp_encoding_bitmap);
+
+	return 0;
 }
 
 
@@ -1197,9 +1201,12 @@
 	/* If the response has a secondary_key, fill its key part related to
 	 * encodings with the actual encoding of the response. This way any
 	 * subsequent request having the same primary key will have its accepted
-	 * encodings tested upon the cached response's one. */
+	 * encodings tested upon the cached response's one.
+	 * We will not cache a response that has an unknown encoding (not
+	 * explicitely supported in parse_encoding_value function). */
 	if (cache->vary_processing_enabled && vary_signature)
-		set_secondary_key_encoding(htx, object->secondary_key);
+		if (set_secondary_key_encoding(htx, object->secondary_key))
+		    goto out;
 
 	shctx_lock(shctx);
 	if (!shctx_row_reserve_hot(shctx, first, trash.data)) {