Validate that content length header matches object size on cache read #8976
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
masaori335
reviewed
Jul 25, 2022
| } else { | ||
| f.single_fragment = false; | ||
| } | ||
|
|
Member
There was a problem hiding this comment.
I wonder if this should be checked when selecting alternates, but then it wouldn't get cleaned up as well.
| } | ||
|
|
||
| // Now that we have selected an alternate, validate that the content length and object size match | ||
| MIMEField *field = alternate.response_get()->field_find(MIME_FIELD_CONTENT_LENGTH, MIME_LEN_CONTENT_LENGTH); |
Member
There was a problem hiding this comment.
A few style things -
if ( auto field = alternate.response_get()->field_find(MIIME_FIELD_CONTENT_LENGTH, MIME_LEN_CONTENT_LENGTH) ; field ) {
if ( auto cl = static_cast<uint64_t>(field->value_get_int64()) ; cl != doc_len) {
// ...
}
}
SolidWallOfCode
approved these changes
Aug 15, 2022
Contributor
|
Cherry-picked to v9.2.x |
cmcfarlen
added a commit
to cmcfarlen/trafficserver
that referenced
this pull request
Aug 23, 2022
…apache#8976) Co-authored-by: Vijay Mamidi <vijayabhaskar_mamidi@yahoo.com>
masaori335
pushed a commit
to masaori335/trafficserver
that referenced
this pull request
Feb 21, 2023
* asf/9.2.x: Updated ChangeLog utilize proxy.config.hostdb.host_file.interval config variable (apache#9039) Remove plugin parent_select unused symbols (apache#9023) Require use of 'override' keyword when valid. (apache#8737) Fix compile error on macOS (apache#9047) Validate that content length header matches object size on cache read (apache#8976) Fix reload memory leak (apache#9041) Update prepare_proxy_verifier.sh to work in non-git directories (apache#9048) Change linux/fs include to build with glibc 2.36 (apache#9027) ts::shared_mutex - Fix lock counting for debug (apache#9040)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR will fail a cache read if the content-length in the cached response header does not match the cached object size.