Re: [PR] HTTP/3 support via OpenSSL 3.5 [trafficserver]

via GitHub Fri, 05 Jun 2026 18:52:34 -0700


Copilot commented on code in PR #13186:
URL: https://github.com/apache/trafficserver/pull/13186#discussion_r3366300130



##########
src/iocore/net/quic/QUICStreamVCAdapter.cc:
##########
@@ -84,18 +86,40 @@ QUICStreamVCAdapter::_read(size_t len)
     SCOPED_MUTEX_LOCK(lock, this->_write_vio.mutex, this_ethread());
 
     IOBufferReader *reader = this->_write_vio.get_reader();
-    block                  = 
make_ptr<IOBufferBlock>(reader->get_current_block()->clone());
+    if (reader->get_current_block() == nullptr || reader->block_read_avail() 
<= 0) {
+      return block;
+    }

Review Comment:
   `_read()` assumes `this->_write_vio.get_reader()` is non-null, but 
`do_io_write()` explicitly allows `buf == nullptr` (clears the buffer while 
leaving `op == VIO::WRITE`). In that case `_read()` will dereference a null 
reader and crash.



##########
src/iocore/net/quic/QUICStreamVCAdapter.cc:
##########
@@ -84,18 +86,40 @@ QUICStreamVCAdapter::_read(size_t len)
     SCOPED_MUTEX_LOCK(lock, this->_write_vio.mutex, this_ethread());
 
     IOBufferReader *reader = this->_write_vio.get_reader();
-    block                  = 
make_ptr<IOBufferBlock>(reader->get_current_block()->clone());
+    if (reader->get_current_block() == nullptr || reader->block_read_avail() 
<= 0) {
+      return block;
+    }
+
+    block = make_ptr<IOBufferBlock>(reader->get_current_block()->clone());
     if (block->size()) {
       block->consume(reader->start_offset);
-      block->_end             = std::min(block->start() + len, 
block->_buf_end);
-      this->_write_vio.ndone += block->size();
+      block->_end = std::min(block->start() + len, block->_buf_end);
+    }
+    if (block->size() == 0) {
+      block = nullptr;
     }
-    reader->consume(block->size());
   }
 
   return block;
 }
 
+void
+QUICStreamVCAdapter::_consume(size_t len)
+{
+  if (len == 0 || this->_write_vio.op != VIO::WRITE) {
+    return;
+  }
+
+  SCOPED_MUTEX_LOCK(lock, this->_write_vio.mutex, this_ethread());
+
+  IOBufferReader *reader      = this->_write_vio.get_reader();
+  const size_t    consume_len = std::min(len, 
static_cast<size_t>(std::max<int64_t>(reader->read_avail(), 0)));
+  if (consume_len > 0) {
+    reader->consume(consume_len);
+    this->_write_vio.ndone += consume_len;
+  }

Review Comment:
   `_consume()` also assumes a non-null write-side reader. If `do_io_write()` 
was called with `buf == nullptr`, `get_reader()` will be null and `_consume()` 
will crash when calling `read_avail()`/`consume()`.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Re: [PR] HTTP/3 support via OpenSSL 3.5 [trafficserver]

Reply via email to