This is an automated email from the ASF dual-hosted git repository.

bcall pushed a commit to branch 9.2.x
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/9.2.x by this push:
     new 5d0835ea5a Fix a crash triggered by invalid range header (#10131)
5d0835ea5a is described below

commit 5d0835ea5a57003798497d07331fa4f89823c750
Author: Zhengxi Li <lzx404...@hotmail.com>
AuthorDate: Tue Aug 1 19:05:41 2023 -0400

    Fix a crash triggered by invalid range header (#10131)
    
    Co-authored-by: Katsutoshi Ikenoya <kiken...@yahoo-corp.jp>
---
 proxy/http/HttpTransact.cc                         |  2 +-
 .../headers/invalid_range_header.test.py           | 73 ++++++++++++++++++++++
 .../replays/invalid_range_request.replay.yaml      | 57 +++++++++++++++++
 3 files changed, 131 insertions(+), 1 deletion(-)

diff --git a/proxy/http/HttpTransact.cc b/proxy/http/HttpTransact.cc
index 69e8d3d6c6..221726f6c8 100644
--- a/proxy/http/HttpTransact.cc
+++ b/proxy/http/HttpTransact.cc
@@ -3105,7 +3105,7 @@ HttpTransact::build_response_from_cache(State *s, 
HTTPWarningCode warning_code)
           // this late.
           TxnDebug("http_seq", "Out-of-order Range request - tunneling");
           s->cache_info.action = CACHE_DO_NO_ACTION;
-          if (s->force_dns) {
+          if (s->force_dns || s->dns_info.lookup_success) {
             HandleCacheOpenReadMiss(s); // DNS is already completed no need of 
doing DNS
           } else {
             CallOSDNSLookup(s);
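Review bot: The new `s->dns_info.lookup_success` term in the out-of-order Range branch has no explanation, and the trailing comment on `HandleCacheOpenReadMiss(s)` still reads as if only `force_dns` mattered. The commit title ties this branch to a crash reachable from a client-supplied Range header, so a short why-comment would keep a later refactor from dropping the guard, for example `// Origin already resolved for this transaction: take the miss path directly; re-entering the OS DNS lookup here apparently crashed on an invalid Range (#10131).` It is also worth confirming, from code outside this hunk, that `lookup_success` can only be true for the host `HandleCacheOpenReadMiss` will contact, not a stale result from an earlier lookup step. The body of `build_response_from_cache` starts and ends outside the hunk.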
diff --git a/tests/gold_tests/headers/invalid_range_header.test.py 
b/tests/gold_tests/headers/invalid_range_header.test.py
new file mode 100644
index 0000000000..c96f2f5743
--- /dev/null
+++ b/tests/gold_tests/headers/invalid_range_header.test.py
@@ -0,0 +1,73 @@
+'''
+'''
+#  Licensed to the Apache Software Foundation (ASF) under one
+#  or more contributor license agreements.  See the NOTICE file
+#  distributed with this work for additional information
+#  regarding copyright ownership.  The ASF licenses this file
+#  to you under the Apache License, Version 2.0 (the
+#  "License"); you may not use this file except in compliance
+#  with the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+import os
+
+Test.Summary = '''
+Test invalid values in range header
+'''
+Test.ContinueOnFail = True
+
+
+class InvalidRangeHeaderTest:
+    invalidRangeRequestReplayFile = "replays/invalid_range_request.replay.yaml"
+
+    def __init__(self):
+        self.setupOriginServer()
+        self.setupTS()
+
+    def setupOriginServer(self):
+        self.server = Test.MakeVerifierServerProcess("verifier-server1", 
self.invalidRangeRequestReplayFile)
+
+    def setupTS(self):
+        self.ts = Test.MakeATSProcess("ts1")
+        
self.ts.Disk.records_config.update({'proxy.config.diags.debug.enabled': 1,
+                                            'proxy.config.diags.debug.tags': 
'http',
+                                            'proxy.config.http.cache.http': 1,
+                                            
'proxy.config.http.cache.range.write': 1,
+                                            
'proxy.config.http.cache.required_headers': 0,
+                                            
'proxy.config.http.insert_age_in_response': 0})
+        self.ts.Disk.remap_config.AddLine(
+            f"map / http://127.0.0.1:{self.server.Variables.http_port}/";,
+        )
+
+    def runTraffic(self):
+        tr = Test.AddTestRun()
+        tr.AddVerifierClientProcess(
+            "client1",
+            self.invalidRangeRequestReplayFile,
+            http_ports=[self.ts.Variables.port],
+            other_args='--thread-limit 1')
+        tr.Processes.Default.StartBefore(self.server)
+        tr.Processes.Default.StartBefore(self.ts)
+        tr.StillRunningAfter = self.server
+        tr.StillRunningAfter = self.ts
+
+        # verification
+        tr.Processes.Default.Streams.stdout += Testers.ContainsExpression(
+            r"Received an HTTP/1 416 response for key 2",
+            "Verify that client receives a 416 response")
+        tr.Processes.Default.Streams.stdout += Testers.ContainsExpression(
+            r"x-responseheader: failed_response",
+            "Verify that the response came from the server")
+
+    def run(self):
+        self.runTraffic()
+
+
+InvalidRangeHeaderTest().run()
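Review bot: Nothing in `runTraffic` proves that the second request took the cache-hit path the fix changes; if the object was not yet cached, both stdout checks would still pass through the ordinary miss path. The replay relies only on a fixed `delay: 100ms` for that, so consider also asserting on the ATS debug log, e.g. `self.ts.Disk.traffic_out.Content += Testers.ContainsExpression("Out-of-order Range request - tunneling", "Verify the cached-object range path was taken")`. The `http` debug tag set in `setupTS` should match the `http_seq` tag used by that message, but confirm it. Smaller points: `import os` is unused and the module docstring is empty.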
diff --git a/tests/gold_tests/headers/replays/invalid_range_request.replay.yaml 
b/tests/gold_tests/headers/replays/invalid_range_request.replay.yaml
new file mode 100644
index 0000000000..5f6702bf0d
--- /dev/null
+++ b/tests/gold_tests/headers/replays/invalid_range_request.replay.yaml
@@ -0,0 +1,57 @@
+#  Licensed to the Apache Software Foundation (ASF) under one
+#  or more contributor license agreements.  See the NOTICE file
+#  distributed with this work for additional information
+#  regarding copyright ownership.  The ASF licenses this file
+#  to you under the Apache License, Version 2.0 (the
+#  "License"); you may not use this file except in compliance
+#  with the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+meta:
+  version: "1.0"
+
+sessions:
+  # Populate cache entry
+  - transactions:
+      - client-request:
+          method: "GET"
+          version: "1.1"
+          url: /range/1024
+          headers:
+            fields:
+              - [Host, stack-overflow-example.com]
+              - [uuid, 1]
+
+        server-response:
+          status: 200
+          headers:
+            fields:
+              - [Content-Length, 1024]
+              - [Content-Range, "bytes 0-1023/1024"]
+  - transactions:
+      - client-request:
+          # Give ATS enough time to populate the cache.
+          delay: 100ms
+          method: "GET"
+          version: "1.1"
+          url: /range/1024
+          headers:
+            fields:
+              - [Host, stack-overflow-example.com]
+              # Invalid range request
+              - [Range, bytes=100-20]
+              - [uuid, 2]
+
+        server-response:
+          status: 416
+          reason: Range Not Satisfiable
+          headers:
+            fields:
+              - [X-ResponseHeader, failed_response]
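Review bot: The comment `# Invalid range request` above `[Range, bytes=100-20]` does not say what makes the range invalid, which matters because this one shape is the only input guarding the regression. Suggest `# Invalid range: first-byte-pos (100) is greater than last-byte-pos (20)`. The first `server-response` also sends `Content-Range` on a 200, which is unusual; if that is needed to get the object cached as intended, a one-line comment saying so would help.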
