bug 1898

From: Tsantilas Christos <chtsanti@dont-contact.us>
Date: Sat, 03 Mar 2007 14:03:18 +0200

Hi all,
   I think, I found what causes the assertion in tunnel.cc which
reported by bug 1898:
  assertion failed: tunnel.cc:372: "amount == (size_t)len"

Because I am not enough familiar with squid code I prefer the mailing
list instead of bugzila. I must say that I do not have a test case for
this bug....

The bug occurs in SslStateData::Connection::dataSent method which called
by SslStateData::writeClientDone and SslStateData::writeServerDone methods.

Both methods does not check for the comm_err_t flag.
In the case of some data but not all, written to the ssl server and the
ssl server closes the connection or an other error occurs, then the
SslStateData::writeServerDone will called with the len argument equal
to the size of written bytes which is len>0 but less than the size of
given data for write (the assertion amount == (size_t)len will fail).

I believe that the assertion must removed from
SslStateData::Connection::dataSent method and an error check for
comm_err flag must be inserted in SslStateData::writeClientDone and
SslStateData::writeServerDone methods:

void
SslStateData::Connection::dataSent (size_t amount)
{
- assert(amount == (size_t)len);
    len =0;
    /* increment total object size */

.......................

SslStateData::writeServerDone(char *buf, size_t len, comm_err_t flag,
int xerrno)
{
    debug(26, 3) ("sslWriteServer: FD %d, %d bytes written\n",
server.fd(), (int)len);
    /* Valid data */

    if (len > 0) {
        kb_incr(&statCounter.server.all.kbytes_out, len);
        kb_incr(&statCounter.server.other.kbytes_out, len);
        client.dataSent(len);
    }

- /* EOF */
- if (len == 0 ) {
+ /* EOF or error */
+ if (len == 0 || flag != COMM_OK ) {
        comm_close(server.fd());
        return;
    }

........................
Received on Sat Mar 03 2007 - 05:01:57 MST

This archive was generated by hypermail pre-2.1.9 : Sun Apr 01 2007 - 12:00:01 MDT