libvmod-parsereq icon indicating copy to clipboard operation
libvmod-parsereq copied to clipboard

Published 20 hours ago verified publisher icon xcir

Crash when a request carries more than 64 http headers

Open wanlill opened this issue 11 years ago • 2 comments

here is a bug, if we make a http request with more than 64 http headers, then varnish will issue a 413 error, and this will go on to call vcl_error, however, vcl_error may already be hooked by lib-parsereq, thus the hooked error function will be called. The hooked error function will try to initialise the module and do http_SetHeader. Here is the problem, the call to http_SetHeader will fail because there are already 64 headers, so parsereq-mod will keep trying to reinitialise itself and exhaust the stack, finally core dumped. screen shot 2013-10-16 at 6 15 48 pm

wanlill avatar Oct 16 '13 10:10 wanlill

This dump seem to old version. Probably this issue not fixed by latest version. But, I want clarify to bug or old bug. Can you upgrade latest version?

xcir avatar Oct 27 '13 15:10 xcir

I am afraid that the new version still have this flaw, because a malformed request with more than 64 http request header can still prevent a new header (which we use in libvmod-parsereq) from being set, thus coredump

wanlill avatar Jan 09 '14 02:01 wanlill