[3.0] 3f2ce1e Don't panic on malformed Vary headers.
Martin Blix Grydeland
martin at varnish-cache.org
Tue Mar 19 16:35:49 CET 2013
commit 3f2ce1efedb7cab76048ae62a33b59023c06cb88
Author: Martin Blix Grydeland <martin at varnish-software.com>
Date: Mon Mar 18 17:07:46 2013 +0100
Don't panic on malformed Vary headers.
Fixes: #1275
Test case by: Dag Haavi Finstad
diff --git a/bin/varnishd/cache_vary.c b/bin/varnishd/cache_vary.c
index f6ec5f2..c53a19a 100644
--- a/bin/varnishd/cache_vary.c
+++ b/bin/varnishd/cache_vary.c
@@ -134,7 +134,11 @@ VRY_Create(const struct sess *sp, const struct http *hp, struct vsb **psb)
q++;
if (*q == '\0')
break;
- xxxassert(*q == ',');
+ if (*q != ',') {
+ WSP(sp, SLT_Error, "Malformed Vary header");
+ error = 1;
+ break;
+ }
p = q;
}
diff --git a/bin/varnishtest/tests/r01275.vtc b/bin/varnishtest/tests/r01275.vtc
new file mode 100644
index 0000000..72c7184
--- /dev/null
+++ b/bin/varnishtest/tests/r01275.vtc
@@ -0,0 +1,14 @@
+varnishtest "#1275 - panic with malformed Vary header"
+
+server s1 {
+ rxreq
+ txresp -hdr "Vary: foo bar"
+} -start
+
+varnish v1 -vcl+backend { } -start
+
+client c1 {
+ txreq
+ rxresp
+ expect resp.status == 503
+} -run
More information about the varnish-commit
mailing list