Uploaded image for project: 'Traffic Server'
  1. Traffic Server
  2. TS-4697

MIOBuffer is not freed if ipallow check fails in HttpSessionAccept::accept()

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 6.2.1, 7.0.0
    • Component/s: HTTP, Network
    • Labels:
      None

      Description

      void
      HttpSessionAccept::accept(NetVConnection *netvc, MIOBuffer *iobuf, IOBufferReader *reader)
      {
        sockaddr const *client_ip = netvc->get_remote_addr();
        const AclRecord *acl_record = NULL;
        ip_port_text_buffer ipb;
        IpAllow::scoped_config ipallow;
      
        // The backdoor port is now only bound to "localhost", so no
        // reason to check for if it's incoming from "localhost" or not.
        if (backdoor) {
          acl_record = IpAllow::AllMethodAcl();
        } else if (ipallow && (((acl_record = ipallow->match(client_ip)) == NULL) || (acl_record->isEmpty()))) {
          ////////////////////////////////////////////////////
          // if client address forbidden, close immediately //
          ////////////////////////////////////////////////////
          Warning("client '%s' prohibited by ip-allow policy", ats_ip_ntop(client_ip, ipb, sizeof(ipb)));
          netvc->do_io_close();
      
          return;   // ----------------->  MIOBuffer did not free.
        }
      ...
      
      

        Attachments

          Activity

            People

            • Assignee:
              oknet Oknet Xu
              Reporter:
              oknet Oknet Xu
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 5h
                5h