[master] 7de2ff8 Change assert to proper error message and test it.
Poul-Henning Kamp
phk at FreeBSD.org
Wed Jan 25 10:46:05 CET 2017
commit 7de2ff8e4225bb4776e7ffd8cd4f36d0e85b4d8c
Author: Poul-Henning Kamp <phk at FreeBSD.org>
Date: Wed Jan 25 09:44:17 2017 +0000
Change assert to proper error message and test it.
Fixes #2197
diff --git a/bin/varnishd/cache/cache_esi_parse.c b/bin/varnishd/cache/cache_esi_parse.c
index 7f17cc3..38ec348 100644
--- a/bin/varnishd/cache/cache_esi_parse.c
+++ b/bin/varnishd/cache/cache_esi_parse.c
@@ -479,7 +479,14 @@ vep_do_include(struct vep_state *vep, enum dowhat what)
if (l > 7 && !memcmp(p, "http://", 7)) {
h = p + 7;
p = strchr(h, '/');
- AN(p);
+ if (p == NULL) {
+ vep_error(vep,
+ "ESI 1.0 <esi:include> invalid src= URL");
+ vep->state = VEP_TAGERROR;
+ AZ(vep->attr_vsb);
+ VSB_destroy(&vep->include_src);
+ return;
+ }
Debug("HOST <%.*s> PATH <%s>\n", (int)(p-h),h, p);
VSB_printf(vep->vsb, "%c", VEC_INCL);
VSB_printf(vep->vsb, "Host: %.*s%c", (int)(p-h), h, 0);
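Review bot: The new `p == NULL` check still lets an empty authority through: for a src such as `http:///path`, strchr() returns `h` itself, so `(int)(p-h)` is 0 and the `Host:` line written to vep->vsb carries no host name. Because src= is taken from the response body being parsed, it seems worth rejecting that case with the same error, e.g. `if (p == NULL || p == h) {`. The same applies to the https:// branch in the next hunk. How an empty Host is treated later is not visible here, so this is a hardening suggestion rather than a confirmed fault; vep_do_include starts and ends outside the hunk.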
@@ -496,7 +503,14 @@ vep_do_include(struct vep_state *vep, enum dowhat what)
"ESI 1.0 <esi:include> https:// treated as http://");
h = p + 8;
p = strchr(h, '/');
- AN(p);
+ if (p == NULL) {
+ vep_error(vep,
+ "ESI 1.0 <esi:include> invalid src= URL");
+ vep->state = VEP_TAGERROR;
+ AZ(vep->attr_vsb);
+ VSB_destroy(&vep->include_src);
+ return;
+ }
VSB_printf(vep->vsb, "%c", VEC_INCL);
VSB_printf(vep->vsb, "Host: %.*s%c", (int)(p-h), h, 0);
} else if (*p == '/') {
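Review bot: The seven-line error path added here is a verbatim copy of the one added in the http:// branch above, so any later change to the cleanup (state, the attr_vsb assertion, include_src destruction) has to be made in two places. A small static helper called from both branches, or a shared label at the end of the function, would keep the two in step. It would also be the natural place for a one-line comment saying why `AZ(vep->attr_vsb)` is expected to hold on this path, which cannot be confirmed from the hunk. vep_do_include continues past the end of the hunk.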
diff --git a/bin/varnishtest/tests/e00006.vtc b/bin/varnishtest/tests/e00006.vtc
index 759a0f4..6c9b5fd 100644
--- a/bin/varnishtest/tests/e00006.vtc
+++ b/bin/varnishtest/tests/e00006.vtc
@@ -43,3 +43,49 @@ client c1 {
client c1 -run
varnish v1 -expect esi_errors == 0
+
+# Now try with invalid URLs
+
+server s1 {
+ rxreq
+ expect req.url == /http
+ txresp -body {<esi:include src="http://foobar" />1234}
+ rxreq
+ expect req.url == /https
+ txresp -body {<esi:include src="https://foobar" />123456}
+} -start
+
+varnish v1 -vcl+backend {
+ sub vcl_recv {
+ set req.backend_hint = s2;
+ set req.backend_hint = s1;
+ }
+ sub vcl_backend_response {
+ set beresp.do_esi = true;
+ }
+}
+
+varnish v1 -cliok "param.set feature +esi_ignore_https"
+
+logexpect l1 -v v1 -g raw {
+ expect * * ESI_xmlerror "ERR at 35 ESI 1.0 <esi:include> invalid src= URL"
+ expect * * ESI_xmlerror "WARN at 36 ESI 1.0 <esi:include> https:// treated as http://"
+ expect * * ESI_xmlerror "ERR at 36 ESI 1.0 <esi:include> invalid src= URL"
+} -start
+
+client c1 {
+ txreq -url /http
+ rxresp
+ expect resp.status == 200
+ expect resp.bodylen == 4
+ txreq -url /https
+ rxresp
+ expect resp.status == 200
+ expect resp.bodylen == 6
+}
+
+client c1 -run
+
+logexpect l1 -wait
+
+varnish v1 -expect esi_errors == 2
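Review bot: The consecutive assignments `set req.backend_hint = s2;` and `set req.backend_hint = s1;` in vcl_recv read like a mistake, because the first is overwritten immediately. Presumably it exists only to reference s2 (defined earlier in the file, outside this hunk) so the VCL compiles; a comment such as `# touch s2 so it is not an unused backend` would make that explicit. The logexpect offsets `at 35` and `at 36` depend on the exact length of the include tags in the two body literals, which also deserves a short comment for whoever edits those bodies later.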