BUG/MEDIUM: mux-h1: Use buf_room_for_htx_data() to detect too large messages During headers parsing, an error is returned if the message is too large and does not fit in the input buffer. The mux h1 used the function b_full() to do so. But to allow zero copy transfers, in h1_recv(), the input buffer is pre-aligned and thus few bytes remains always free. To fix the bug, as during the trailers parsing, the function buf_room_for_htx_data() should be used instead. This patch must be backported to 2.0 and 1.9. (cherry picked from commit e5438b749c6381f7cb7c63155669f375b51943ff)

commit: 9466f4ba1eb59a57f509ea3e2db737c9d3948825 [log] [tgz]
author: Christopher Faulet <cfaulet@haproxy.com> Wed Jun 26 14:56:27 2019 +0200
committer: Christopher Faulet <cfaulet@haproxy.com> Wed Jun 26 15:30:59 2019 +0200
tree: 798f22f557b4f0e7f4fefa0a98ac298db8d35c1e
parent: 9869f93bb82963bbe159ce4cf948c067efa009a8 [diff] [blame]
diff --git a/src/mux_h1.c b/src/mux_h1.c
index 4594a62..78145df 100644
--- a/src/mux_h1.c
+++ b/src/mux_h1.c

@@ -984,7 +984,7 @@
 		/* Incomplete or invalid message. If the buffer is full, it's an
 		 * error because headers are too large to be handled by the
 		 * parser. */
-		if (ret < 0 || (!ret && b_full(buf)))
+		if (ret < 0 || (!ret && !buf_room_for_htx_data(buf)))
 			goto error;
 		goto end;
 	}
commit	9466f4ba1eb59a57f509ea3e2db737c9d3948825	[log] [tgz]
author	Christopher Faulet <cfaulet@haproxy.com>	Wed Jun 26 14:56:27 2019 +0200
committer	Christopher Faulet <cfaulet@haproxy.com>	Wed Jun 26 15:30:59 2019 +0200
tree	798f22f557b4f0e7f4fefa0a98ac298db8d35c1e
parent	9869f93bb82963bbe159ce4cf948c067efa009a8 [diff] [blame]