commit b066747107bc27b6b94cec794cd76f12c5588795
author Christopher Faulet <cfaulet@haproxy.com> Tue Sep 03 22:22:12 2019 +0200
committer Christopher Faulet <cfaulet@haproxy.com> Wed Sep 04 10:30:11 2019 +0200
tree 2813de007300ca15617af5eafd5b90cc7c21dc21
parent 15a4ce870a19bdb6e6ed0a210d844178145de1b3

BUG/MEDIUM: cache: Don't cache objects if the size of headers is too big

HTTP responses with headers than impinge upon the reserve must not be
cached. Otherwise, there is no warranty to have enough space to add the header
"Age" when such cached responses are delivered.

This patch must be backported to 2.0 and 1.9. For these versions, the same must
be done for the legacy HTTP mode.

src/cache.c

diff --git a/src/cache.c b/src/cache.c
index 242d7da..24d402a 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -548,6 +548,7 @@
 	unsigned int key = *(unsigned int *)txn->cache_hash;
 	struct htx *htx;
 	struct http_hdr_ctx ctx;
+	size_t hdrs_len = 0;
 	int32_t pos;
 
 	/* Don't cache if the response came from a cache */
@@ -618,12 +619,17 @@
 		enum htx_blk_type type = htx_get_blk_type(blk);
 		uint32_t sz = htx_get_blksz(blk);
 
+		hdrs_len += sizeof(*blk) + sz;
 		chunk_memcat(&trash, (char *)&blk->info, sizeof(blk->info));
 		chunk_memcat(&trash, htx_get_blk_ptr(htx, blk), sz);
 		if (type == HTX_BLK_EOH)
 			break;
 	}
 
+	/* Do not cache objects if the headers are too big. */
+	if (hdrs_len > htx->size - global.tune.maxrewrite)
+		goto out;
+
 	shctx_lock(shctx);
 	first = shctx_row_reserve_hot(shctx, NULL, sizeof(struct cache_entry) + trash.data);
 	if (!first) {