Revision: 14805
Author: adrian.chadd
Date: Mon Oct 18 18:54:50 2010
Log: First fix for Issue 116 - memory leaking of clientHttpRequest structs
during POST abort'ing.
Something weird has happened over the last few months where some sites
started issuing POSTs where the Content-Length for the request body
didn't match the amount of data available by the socket.
I'm not sure this is completely HTTP/1.x compliant so I'm leaving the
debugging in for now.
http://code.google.com/p/lusca-cache/source/detail?r=14805
Modified:
/branches/LUSCA_HEAD/src/client_side_body.c
=======================================
--- /branches/LUSCA_HEAD/src/client_side_body.c Thu Aug 26 19:28:30 2010
+++ /branches/LUSCA_HEAD/src/client_side_body.c Mon Oct 18 18:54:50 2010
@@ -10,20 +10,25 @@
if (buf && size < 0) {
return; /* Aborted, don't care */
}
- if (conn->body.size_left > 0) {
+ if (conn->in.offset > 0 && conn->body.size_left > 0) {
conn->body.callback = clientEatRequestBodyHandler;
conn->body.cbdata = http;
cbdataLock(conn->body.cbdata);
conn->body.buf = NULL;
conn->body.bufsize = SQUID_TCP_SO_RCVBUF;
clientProcessBody(conn);
+ return;
+ }
+
+ if (conn->in.offset == 0 && conn->body.size_left != 0) {
+ debug(1, 1) ("clientEatRequestBodyHandler: FD %d: no more data
left in socket; but request header says there should be; aborting for
now\n", conn->fd);
+ return;
+ }
+ if (http->request->flags.proxy_keepalive) {
+ debug(33, 5) ("clientEatRequestBodyHandler: FD %d Keeping
Alive\n", conn->fd);
+ clientKeepaliveNextRequest(http);
} else {
- if (http->request->flags.proxy_keepalive) {
- debug(33, 5) ("clientEatRequestBodyHandler: FD %d Keeping Alive\n",
conn->fd);
- clientKeepaliveNextRequest(http);
- } else {
- comm_close(conn->fd);
- }
+ comm_close(conn->fd);
}
}
@@ -95,6 +100,16 @@
request_t *request = conn->body.request;
/* Note: request is null while eating "aborted" transfers */
debug(33, 2) ("clientProcessBody: start fd=%d body_size=%lu
in.offset=%ld cb=%p req=%p\n", conn->fd, (unsigned long int)
conn->body.size_left, (long int) conn->in.offset, callback, request);
+#if 0
+ if (conn->in.offset == 0) {
+ /* This typically will only occur when some recursive call through the
body eating path has occured -adrian */
+ /* XXX so no need atm to call the callback handler; the original code
didn't! -adrian */
+ debug(33, 1) ("clientProcessBody: cbdata %p: would've leaked;
conn->in.offset=0 here\n", cbdata);
+ cbdataUnlock(conn->body.cbdata);
+ conn->body.cbdata = conn->body.callback = NULL;
+ return;
+ }
+#endif
if (conn->in.offset) {
int valid = cbdataValid(conn->body.cbdata);
if (!valid) {
--
You received this message because you are subscribed to the Google Groups
"lusca-commit" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/lusca-commit?hl=en.
