Traffic Dump: Use the correct transaction user index#8548
Merged
bneradt merged 1 commit intoapache:masterfrom Dec 8, 2021
Merged
Traffic Dump: Use the correct transaction user index#8548bneradt merged 1 commit intoapache:masterfrom
bneradt merged 1 commit intoapache:masterfrom
Conversation
Traffic Dump has both session and transaction user data. In one of the calls to TSUserArgGet, it accidentally used the session index to access the transaction data. This could result in the corruption of another plugin's session data. This patch fixes this so the correct index is used.
randall
approved these changes
Dec 8, 2021
Contributor
|
Does this need to go into 9.1.x and any 8.x maintenance releases? |
Contributor
Author
I'll add it to 9.1.x. The 8.1.x traffic_dump plugin is pretty minimal and does not have this bug. Thanks. |
zwoop
pushed a commit
that referenced
this pull request
Jan 5, 2022
Traffic Dump has both session and transaction user data. In one of the calls to TSUserArgGet, it accidentally used the session index to access the transaction data. This could result in the corruption of another plugin's session data. This patch fixes this so the correct index is used. (cherry picked from commit 42ad946)
zwoop
pushed a commit
that referenced
this pull request
Jan 5, 2022
Traffic Dump has both session and transaction user data. In one of the calls to TSUserArgGet, it accidentally used the session index to access the transaction data. This could result in the corruption of another plugin's session data. This patch fixes this so the correct index is used. (cherry picked from commit 42ad946)
Contributor
|
Cherry-picked to v9.1.x branch. |
bneradt
added a commit
to bneradt/trafficserver
that referenced
this pull request
Jan 19, 2022
This reverts apache#8548 and instead directly calls HttpTransact::need_to_revalidate in TSHttpTxnCacheLookupStatusGet to ensure that an object which is a cache hit is indeed something ATS can return to the client. Fixes apache#8616
bneradt
added a commit
that referenced
this pull request
Jan 19, 2022
moonchen
pushed a commit
to moonchen/trafficserver
that referenced
this pull request
Mar 17, 2022
* asf/9.2.x: Updated ChangeLog docs: fix fedora install notes and spelling issues (apache#8537) Docs: Fix default value of proxy.config.ssl.handshake_timeout_in (apache#8574) Partial of revert "Cleanup generated LDFLAGS for jemalloc (apache#8285)" (apache#8533) TSUserArg: add value type checking (apache#8550) Relax key validation of sni.yaml (apache#8549) Clear random header value by AIO read error (apache#8559) Fixes macOS arm64 builds (again) (apache#8556) Traffic Dump: Use the correct transaction user index (apache#8548) combo_handler: Initialize User Arg Index in TSRemapInit (apache#8551) backout down parent retry limiting in parent selection and nexthop (apache#8546)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Traffic Dump has both session and transaction user data. In one of the
calls to TSUserArgGet, it accidentally used the session index to access
the transaction data. This could result in the corruption of another
plugin's session data. This patch fixes this so the correct index is
used.
In parallel I'm working on a core change that will detect incorrect indexing rather than allow the accidental corrupting of another plugin's data. See: #8550.