30 lines
1.0 KiB
Diff
30 lines
1.0 KiB
Diff
From f3e9ca6abc4a03e48df4e9894323cad25472793f Mon Sep 17 00:00:00 2001
|
|
From: Dag Haavi Finstad <daghf@varnish-software.com>
|
|
Date: Tue, 24 Sep 2019 16:50:33 +0200
|
|
Subject: [PATCH 1/1] Add missing error handling in h2_rx_data
|
|
|
|
A failing write on a different stream will set h2->error, which would
|
|
cause us to panic here on the following AZ(h2->mailcall).
|
|
|
|
Fixes: #3040
|
|
---
|
|
bin/varnishd/http2/cache_http2_proto.c | 2 ++
|
|
1 file changed, 2 insertions(+)
|
|
|
|
diff --git a/bin/varnishd/http2/cache_http2_proto.c b/bin/varnishd/http2/cache_http2_proto.c
|
|
index 527fb8e61..902c1e08c 100644
|
|
--- a/bin/varnishd/http2/cache_http2_proto.c
|
|
+++ b/bin/varnishd/http2/cache_http2_proto.c
|
|
@@ -703,6 +703,8 @@ h2_rx_data(struct worker *wrk, struct h2_sess *h2, struct h2_req *r2)
|
|
Lck_Lock(&h2->sess->mtx);
|
|
while (h2->mailcall != NULL && h2->error == 0 && r2->error == 0)
|
|
AZ(Lck_CondWait(h2->cond, &h2->sess->mtx, 0));
|
|
+ if (h2->error || r2->error)
|
|
+ return (h2->error ? h2->error : r2->error);
|
|
AZ(h2->mailcall);
|
|
h2->mailcall = r2;
|
|
h2->req0->r_window -= h2->rxf_len;
|
|
--
|
|
2.27.0
|
|
|