[master] e9e1373 Fail VCL if attempts are made to set any of the top-line fields (url, proto, reason, status etc.) to an empty string.

Poul-Henning Kamp phk at FreeBSD.org
Tue Feb 7 11:24:04 CET 2017 

commit e9e1373b66164f1fecb2ff20c7242381854d0c54
Author: Poul-Henning Kamp <phk at FreeBSD.org>
Date:   Tue Feb 7 10:22:41 2017 +0000

    Fail VCL if attempts are made to set any of the top-line fields
    (url, proto, reason, status etc.) to an empty string.
    
    Fixes #1856

diff --git a/bin/varnishd/cache/cache_vrt_var.c b/bin/varnishd/cache/cache_vrt_var.c
index 34be2a2..d731f6e 100644
--- a/bin/varnishd/cache/cache_vrt_var.c
+++ b/bin/varnishd/cache/cache_vrt_var.c
@@ -45,7 +45,7 @@ static char vrt_hostname[255] = "";
  */
 
 static void
-vrt_do_string(const struct http *hp, int fld,
+vrt_do_string(VRT_CTX, const struct http *hp, int fld,
     const char *err, const char *p, va_list ap)
 {
 	const char *b;
@@ -53,11 +53,15 @@ vrt_do_string(const struct http *hp, int fld,
 	CHECK_OBJ_NOTNULL(hp, HTTP_MAGIC);
 
 	b = VRT_String(hp->ws, NULL, p, ap);
-	if (b == NULL || *b == '\0') {
-		VSLb(hp->vsl, SLT_LostHeader, "%s", err);
+	if (b == NULL) {
+		VRT_fail(ctx, "Workspace overflow (%s)", err);
 		WS_MarkOverflow(hp->ws);
 		return;
 	}
+	if (*b == '\0') {
+		VRT_fail(ctx, "Setting %s to empty string", err);
+		return;
+	}
 	http_SetH(hp, fld, b);
 }
 
@@ -69,7 +73,7 @@ VRT_l_##obj##_##hdr(VRT_CTX, const char *p, ...)			\
 									\
 	CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);				\
 	va_start(ap, p);						\
-	vrt_do_string(ctx->http_##obj, fld, #obj "." #hdr, p, ap);	\
+	vrt_do_string(ctx, ctx->http_##obj, fld, #obj "." #hdr, p, ap);	\
 	va_end(ap);							\
 }
 
diff --git a/bin/varnishtest/tests/r01856.vtc b/bin/varnishtest/tests/r01856.vtc
new file mode 100644
index 0000000..d6cdd17
--- /dev/null
+++ b/bin/varnishtest/tests/r01856.vtc
@@ -0,0 +1,24 @@
+varnishtest "setting empty strings in line1 fields"
+
+server s1 {
+	rxreq
+	txresp
+} -start
+
+varnish v1 -vcl+backend {
+	sub vcl_recv {
+		set req.url = "";
+	}
+} -start
+
+logexpect l1 -v v1 -g raw {
+	expect * 1001 VCL_Error	"Setting req.url to empty string"
+} -start
+
+client c1 {
+	txreq
+	rxresp
+	expect resp.reason == "VCL failed"
+} -run
+
+logexpect l1 -wait

More information about the varnish-commit mailing list