Fix content corruption in a chunked response on HTTP/1 over TLS #3894
Motivation:

There's a chance of HTTP content corruption when:

- The current connection is TLS;
- The current response is using chunked encoding; and
- The content length is greater than 16378 (16384 - 6).

.. due to a bug in Netty: netty/netty#11792

Modifications:

- Fixed the math mistake in `Http1ObjectEncoder.MAX_TLS_DATA_LENGTH`, to prevent `HttpObjectEncoder` from putting its static final `ByteBuf` in the first place of `SslHandler`'s internal queue.

Result:

- No more HTTP content corruption.
Codecov Report
@@ Coverage Diff @@
## master #3894 +/- ##
============================================
+ Coverage 73.26% 73.27% +0.01%
- Complexity 15528 15529 +1
============================================
Files 1365 1365
Lines 59831 59831
Branches 7582 7582
============================================
+ Hits 43833 43839 +6
+ Misses 12151 12145 -6
Partials 3847 3847
if (cause != null) { | ||
caughtExceptions.add(cause); | ||
} | ||
try { |
This has to be guarded by an `else` block. Let me push a fix commit.