This is an automated email from the ASF dual-hosted git repository. cmcfarlen pushed a commit to branch 10.2.x in repository https://gitbox.apache.org/repos/asf/trafficserver.git
commit 08182ac3a316e76c38bc1bde76cbdad31f00a3fa Author: Serris Santos <[email protected]> AuthorDate: Wed Mar 25 11:22:03 2026 -0700 Check valid parent selection hash string (#12985) * Check valid parent selection hash string * add regression test * off by one (cherry picked from commit 1252ea460dd5e007c6368b0ecadb5c5fb939b745)
---
 src/proxy/ParentSelection.cc | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)
diff --git a/src/proxy/ParentSelection.cc b/src/proxy/ParentSelection.cc
index b282fba7b3..a1bc20452f 100644
--- a/src/proxy/ParentSelection.cc
+++ b/src/proxy/ParentSelection.cc
@@ -32,6 +32,7 @@
 #include "tscore/Regression.h"
 #include "tscore/Tokenizer.h"
+#include <string>
 #include <string_view>
 using namespace std::literals;
@@ -556,6 +557,11 @@ ParentRecord::ProcessParents(char *val, bool isPrimary)
 errPtr = "Parent string is empty";
 goto MERROR;
 }
+ if (tmp3 && strlen(tmp3 + 1) > MAXDNAME) {
+ errPtr = "Parent hash string is too long";
+ goto MERROR;
+ }
+ // Update the pRecords
 if (isPrimary) {
 memcpy(this->parents[i].hostname, current, tmp - current);
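Review bot: The new guard in ProcessParents compares `strlen(tmp3 + 1)` with `MAXDNAME`, but the `hash_string` buffer and the copy into it are outside this hunk, so the visible lines do not confirm that `> MAXDNAME` is the right boundary for the destination. If `hash_string` is a fixed-size array member, writing the limit as `sizeof(this->parents[i].hash_string) - 1` would keep the check tied to the buffer it protects instead of to a constant that matches only by convention. I would also add a comment above the check, for example `// text after '&' plus its NUL must fit in hash_string, which is filled further down`. The function body starts and ends outside the hunk, so where `tmp3` is set cannot be checked here.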
@@ -1948,6 +1954,37 @@ EXCLUSIVE_REGRESSION_TEST(PARENTSELECTION)(RegressionTest * /* t ATS_UNUSED */,
 FP;
 RE(verify(result, ParentResultType::SPECIFIED, "minnie", 80), 213);
+ // Test 214
+ // Overlong hash_string (exceeding MAXDNAME chars) should be rejected by ProcessParents.
+ // The entry is discarded so findParent returns DIRECT.
+ {
+ tbl[0] = '\0';
+ ST(214);
+ std::string long_hash(MAXDNAME + 1, 'a');
+ std::string cfg = "dest_domain=. parent=host:80&" + long_hash + " round_robin=consistent_hash go_direct=true\n";
+ ink_strlcpy(tbl, cfg.c_str(), sizeof(tbl));
+ REBUILD;
+ REINIT;
+ br(request, "overlong.hash.net");
+ FP;
+ RE(verify(result, ParentResultType::DIRECT, nullptr, 0), 214);
+ }
+
+ // Test 215
+ // Max-length hash_string that fits (MAXDNAME chars) should be accepted.
+ {
+ tbl[0] = '\0';
+ ST(215);
+ std::string max_hash(MAXDNAME, 'b');
+ std::string cfg = "dest_domain=. parent=host:80&" + max_hash + " round_robin=consistent_hash go_direct=false\n";
+ ink_strlcpy(tbl, cfg.c_str(), sizeof(tbl));
+ REBUILD;
+ REINIT;
+ br(request, "maxlen.hash.net");
+ FP;
+ RE(verify(result, ParentResultType::SPECIFIED, "host", 80), 215);
+ }
+ delete request;
 delete result;
 delete params;
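Review bot: Tests 214 and 215 copy a config line longer than MAXDNAME into `tbl` with `ink_strlcpy(tbl, cfg.c_str(), sizeof(tbl))`, which truncates silently if `tbl` (declared outside this hunk) is smaller than `cfg`; the tests would then exercise whatever the truncated line parses to rather than the length boundary. Adding `ink_release_assert(cfg.size() < sizeof(tbl));` before each copy makes that assumption explicit. Test 214 also expects DIRECT with `go_direct=true`, which is presumably what any rejected or unparsable entry yields, so it does not show that the rejection came from the new length check. Both tests use only `parent=`, so the `isPrimary == false` path through ProcessParents is not covered.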
