[6.0] 91682e53f Ignore fields with invalid C-C values

Dridi Boukelmoune dridi.boukelmoune at gmail.com
Thu Jun 27 17:05:10 UTC 2019


commit 91682e53fa7d18c53b480f3916d791f9905a3ba3
Author: Federico G. Schwindt <fgsch at lodoss.net>
Date:   Thu Dec 27 17:14:55 2018 +0000

    Ignore fields with invalid C-C values
    
    Should address "HTTP cache must not reuse a response with an invalid
    Cache-Control: max-age (trailing alpha)" from https://cache-tests.fyi.

diff --git a/bin/varnishd/cache/cache_rfc2616.c b/bin/varnishd/cache/cache_rfc2616.c
index c9341fdd0..e78204782 100644
--- a/bin/varnishd/cache/cache_rfc2616.c
+++ b/bin/varnishd/cache/cache_rfc2616.c
@@ -34,6 +34,7 @@
 #include "cache_varnishd.h"
 
 #include "vtim.h"
+#include "vct.h"
 
 /*--------------------------------------------------------------------
  * TTL and Age calculation in Varnish
@@ -61,6 +62,21 @@
  *
  */
 
+static inline int
+rfc2616_time(const char *p)
+{
+	char *ep;
+	int val;
+	if (*p == '-')
+		return (0);
+	val = strtoul(p, &ep, 10);
+	for (; *ep != '\0' && vct_issp(*ep); ep++)
+		continue;
+	if (*ep == '\0' || *ep == ',')
+		return (val);
+	return (0);
+}
+
 void
 RFC2616_Ttl(struct busyobj *bo, vtim_real now, vtim_real *t_origin,
     float *ttl, float *grace, float *keep)
@@ -140,12 +156,7 @@ RFC2616_Ttl(struct busyobj *bo, vtim_real now, vtim_real *t_origin,
 		if ((http_GetHdrField(hp, H_Cache_Control, "s-maxage", &p) ||
 		    http_GetHdrField(hp, H_Cache_Control, "max-age", &p)) &&
 		    p != NULL) {
-
-			if (*p == '-')
-				max_age = 0;
-			else
-				max_age = strtoul(p, NULL, 0);
-
+			max_age = rfc2616_time(p);
 			*ttl = max_age;
 			break;
 		}
@@ -190,11 +201,7 @@ RFC2616_Ttl(struct busyobj *bo, vtim_real now, vtim_real *t_origin,
 	 */
 	if (*ttl >= 0 && http_GetHdrField(hp, H_Cache_Control,
 	    "stale-while-revalidate", &p) && p != NULL) {
-
-		if (*p == '-')
-			*grace = 0;
-		else
-			*grace = strtoul(p, NULL, 0);
+		*grace = rfc2616_time(p);
 	}
 
 	VSLb(bo->vsl, SLT_TTL,


More information about the varnish-commit mailing list