[ https://issues.apache.org/jira/browse/TS-4697?focusedWorklogId=26144&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-26144 ]
ASF GitHub Bot logged work on TS-4697: -------------------------------------- Author: ASF GitHub Bot Created on: 02/Aug/16 08:11 Start Date: 02/Aug/16 08:11 Worklog Time Spent: 10m Work Description: Github user oknet commented on the issue: https://github.com/apache/trafficserver/pull/823 @jpeach agree with u to return bool from SessionAccept::accept(). SessionAccept did not consume any parameters, It is just transfer parameters to ClientSession. as your said "Both the vc and the buffer should be treated consistently", I'm prefer to move do_io_close() and free MIOBuffer from SessionAccept to ProtocolProbeTrampoline. Just return false if ipallow check fails in XXXSessionAccept::accept(). Then, the NetVC and MIOBuffer will be close&free in ProtocolProbeTrampoline. Issue Time Tracking ------------------- Worklog Id: (was: 26144) Time Spent: 1h 50m (was: 1h 40m) > MIOBuffer is not freed if ipallow check fails in HttpSessionAccept::accept() > ---------------------------------------------------------------------------- > > Key: TS-4697 > URL: https://issues.apache.org/jira/browse/TS-4697 > Project: Traffic Server > Issue Type: Bug > Components: HTTP, Network > Reporter: Oknet Xu > Assignee: Oknet Xu > Fix For: 7.0.0 > > Time Spent: 1h 50m > Remaining Estimate: 0h > > {code} > void > HttpSessionAccept::accept(NetVConnection *netvc, MIOBuffer *iobuf, > IOBufferReader *reader) > { > sockaddr const *client_ip = netvc->get_remote_addr(); > const AclRecord *acl_record = NULL; > ip_port_text_buffer ipb; > IpAllow::scoped_config ipallow; > // The backdoor port is now only bound to "localhost", so no > // reason to check for if it's incoming from "localhost" or not. > if (backdoor) { > acl_record = IpAllow::AllMethodAcl(); > } else if (ipallow && (((acl_record = ipallow->match(client_ip)) == NULL) > || (acl_record->isEmpty()))) { > //////////////////////////////////////////////////// > // if client address forbidden, close immediately // > //////////////////////////////////////////////////// > Warning("client '%s' prohibited by ip-allow policy", > ats_ip_ntop(client_ip, ipb, sizeof(ipb))); > netvc->do_io_close(); > return; // -----------------> MIOBuffer did not free. > } > ... > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)