[master] f0a4d995c http: Delay zero-length range check
Dridi Boukelmoune
dridi.boukelmoune at gmail.com
Fri Apr 4 14:50:07 UTC 2025
commit f0a4d995cfdfefb97a13ddc970b1136489ae8bc7
Author: Dridi Boukelmoune <dridi.boukelmoune at gmail.com>
Date: Fri Apr 4 16:16:41 2025 +0200
http: Delay zero-length range check
The check is delayed until after low and high indices are adjusted, to
avoid a scenario where the low index is zero for a content length of
zero, and seen as a valid range.
Spotted by Asad Sajjad Ahmed.
diff --git a/bin/varnishd/cache/cache_http.c b/bin/varnishd/cache/cache_http.c
index 37f54e2ac..26ec4d054 100644
--- a/bin/varnishd/cache/cache_http.c
+++ b/bin/varnishd/cache/cache_http.c
@@ -1007,9 +1007,6 @@ http_GetRange(const struct http *hp, ssize_t *lo, ssize_t *hi, ssize_t len)
assert(*lo >= -1);
assert(*hi >= -1);
- if (len <= 0)
- return (NULL); // Allow 200 response
-
if (*lo < 0) {
assert(*hi > 0);
*lo = len - *hi;
@@ -1020,6 +1017,9 @@ http_GetRange(const struct http *hp, ssize_t *lo, ssize_t *hi, ssize_t len)
*hi = len - 1;
}
+ if (len <= 0)
+ return (NULL); // Allow 200 response
+
if (*lo >= len)
return ("low range beyond object");
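Review bot: With the `len <= 0` check now placed after the adjustment block, `*lo` and `*hi` are rewritten before the early `return (NULL)`, where previously they were left as parsed. This also applies when `len` is negative: `*lo = len - *hi;` in the first hunk then computes from a negative length, and if `*hi = len - 1;` is reached on that path (the lines between the two hunks are not shown) it drops below the -1 floor the asserts at the top check for. Whether any caller reads the out-parameters after a NULL return for a non-positive length is not visible here. The contract should therefore be stated at the check, for example `/* len <= 0: *lo and *hi were adjusted but describe no servable range; caller must fall back to 200 */`. The body of http_GetRange starts and ends outside this hunk.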
diff --git a/bin/varnishtest/tests/c00135.vtc b/bin/varnishtest/tests/c00135.vtc
new file mode 100644
index 000000000..76d877ec3
--- /dev/null
+++ b/bin/varnishtest/tests/c00135.vtc
@@ -0,0 +1,20 @@
+varnishtest "Range 0-0 (1B) on empty response"
+
+server s1 {
+ rxreq
+ txresp
+} -start
+
+varnish v1 -vcl+backend {} -start
+
+client c1 {
+ txreq
+ rxresp
+ expect resp.status == 200
+ expect resp.http.content-length == 0
+
+ txreq -hdr "range: bytes=0-0"
+ rxresp
+ expect resp.status == 200
+ expect resp.http.content-length == 0
+} -run
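Review bot: The test covers only `bytes=0-0`, so the other range forms on an empty body are not exercised after the check was moved. A suffix range such as `range: bytes=-1` takes the `*lo < 0` branch, and an open-ended `range: bytes=0-` leaves the high index unset. Adding a `txreq -hdr` / `rxresp` pair for each in client c1, presumably with the same `expect resp.status == 200` and `expect resp.http.content-length == 0`, would cover both. An `expect resp.http.content-range == <undef>` on the ranged requests would also confirm that no partial-content header is emitted for an empty object.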