BUG/MINOR: mux-quic: handle properly recv ncbuf alloc failure
The function qc_get_ncbuf() is used to allocate a ncbuf content.
Allocation failure was handled using a plain BUG_ON.
Fix this by a proper error management. This buffer is only used for
STREAM frame reception to support out-of-order offsets. When an
allocation failed, close the connection with a QUIC internal error code.
This should be backported up to 2.6.
diff --git a/src/mux_quic.c b/src/mux_quic.c
index 294a0d7..e74bae0 100644
--- a/src/mux_quic.c
+++ b/src/mux_quic.c
@@ -426,13 +426,17 @@
return b_alloc(bptr);
}
+/* Allocate if needed buffer <ncbuf> for stream <qcs>.
+ *
+ * Returns the buffer instance or NULL on allocation failure.
+ */
static struct ncbuf *qc_get_ncbuf(struct qcs *qcs, struct ncbuf *ncbuf)
{
struct buffer buf = BUF_NULL;
if (ncb_is_null(ncbuf)) {
- b_alloc(&buf);
- BUG_ON(b_is_null(&buf));
+ if (!b_alloc(&buf))
+ return NULL;
*ncbuf = ncb_make(buf.area, buf.size, 0);
ncb_init(ncbuf, 0);
@@ -1043,9 +1047,9 @@
}
if (!qc_get_ncbuf(qcs, &qcs->rx.ncbuf) || ncb_is_null(&qcs->rx.ncbuf)) {
- /* TODO should mark qcs as full */
- ABORT_NOW();
- return 1;
+ TRACE_ERROR("receive ncbuf alloc failure", QMUX_EV_QCC_RECV|QMUX_EV_QCS_RECV, qcc->conn, qcs);
+ qcc_set_error(qcc, QC_ERR_INTERNAL_ERROR, 0);
+ goto err;
}
TRACE_DATA("newly received offset", QMUX_EV_QCC_RECV|QMUX_EV_QCS_RECV, qcc->conn, qcs);