Commit 6ae0a905 authored by Ondřej Surý's avatar Ondřej Surý
Browse files

Merge branch '2581-oldsize-assertion' into 'main'

Fix memory accounting bug in TLSDNS

Closes #2581

See merge request isc-projects/bind9!4809
parents 15f676f1 e4b07303
......@@ -806,7 +806,7 @@ struct isc_nmsocket {
TLS_STATE_ERROR,
TLS_STATE_CLOSING
} state;
uv_buf_t senddata;
isc_region_t senddata;
bool cycle;
isc_result_t pending_error;
/* List of active send requests. */
......
......@@ -1857,7 +1857,7 @@ processbuffer(isc_nmsocket_t *sock) {
case isc_nm_tcpdnssocket:
return (isc__nm_tcpdns_processbuffer(sock));
case isc_nm_tlsdnssocket:
return (isc__nm_tcpdns_processbuffer(sock));
return (isc__nm_tlsdns_processbuffer(sock));
default:
INSIST(0);
ISC_UNREACHABLE();
......
......@@ -276,6 +276,7 @@ tlsdns_connect_cb(uv_connect_t *uvreq, int status) {
return;
error:
sock->tls.pending_req = NULL;
isc__nm_failed_connect_cb(sock, req, result);
}
......@@ -759,7 +760,7 @@ isc__nm_tlsdns_failed_read_cb(isc_nmsocket_t *sock, isc_result_t result) {
isc__nmsocket_timer_stop(sock);
isc__nm_stop_reading(sock);
if (sock->tls.pending_req) {
if (sock->tls.pending_req != NULL) {
isc__nm_uvreq_t *req = sock->tls.pending_req;
sock->tls.pending_req = NULL;
isc__nm_failed_connect_cb(sock, req, ISC_R_CANCELED);
......@@ -1063,12 +1064,12 @@ static void
free_senddata(isc_nmsocket_t *sock) {
REQUIRE(VALID_NMSOCK(sock));
REQUIRE(sock->tls.senddata.base != NULL);
REQUIRE(sock->tls.senddata.len > 0);
REQUIRE(sock->tls.senddata.length > 0);
isc_mem_put(sock->mgr->mctx, sock->tls.senddata.base,
sock->tls.senddata.len);
sock->tls.senddata.length);
sock->tls.senddata.base = NULL;
sock->tls.senddata.len = 0;
sock->tls.senddata.length = 0;
}
static void
......@@ -1105,7 +1106,7 @@ tls_cycle_output(isc_nmsocket_t *sock) {
int err;
if (sock->tls.senddata.base != NULL ||
sock->tls.senddata.len > 0) {
sock->tls.senddata.length > 0) {
break;
}
......@@ -1114,42 +1115,43 @@ tls_cycle_output(isc_nmsocket_t *sock) {
}
sock->tls.senddata.base = isc_mem_get(sock->mgr->mctx, pending);
sock->tls.senddata.len = pending;
sock->tls.senddata.length = pending;
rv = BIO_read_ex(sock->tls.app_rbio, sock->tls.senddata.base,
pending, &bytes);
req = isc__nm_uvreq_get(sock->mgr, sock);
req->uvbuf.base = (char *)sock->tls.senddata.base;
req->uvbuf.len = sock->tls.senddata.length;
rv = BIO_read_ex(sock->tls.app_rbio, req->uvbuf.base,
req->uvbuf.len, &bytes);
RUNTIME_CHECK(rv == 1);
INSIST((size_t)pending == bytes);
err = uv_try_write(&sock->uv_handle.stream, &sock->tls.senddata,
1);
err = uv_try_write(&sock->uv_handle.stream, &req->uvbuf, 1);
if (err == pending) {
/* Wrote everything, restart */
isc__nm_uvreq_put(&req, sock);
free_senddata(sock);
continue;
}
if (err > 0) {
/* Partial write, send rest asynchronously */
memmove(sock->tls.senddata.base,
sock->tls.senddata.base + err, pending - err);
sock->tls.senddata.len = pending - err;
memmove(req->uvbuf.base, req->uvbuf.base + err,
req->uvbuf.len - err);
req->uvbuf.len = req->uvbuf.len - err;
} else if (err == UV_ENOSYS || err == UV_EAGAIN) {
/* uv_try_write is not supported, send asynchronously */
} else {
result = isc__nm_uverr2result(err);
isc__nm_uvreq_put(&req, sock);
free_senddata(sock);
break;
}
req = isc__nm_uvreq_get(sock->mgr, sock);
req->uvbuf.base = (char *)sock->tls.senddata.base;
req->uvbuf.len = sock->tls.senddata.len;
err = uv_write(&req->uv_req.write, &sock->uv_handle.stream,
&sock->tls.senddata, 1, tls_write_cb);
&req->uvbuf, 1, tls_write_cb);
INSIST(err == 0);
......@@ -1833,16 +1835,16 @@ isc__nm_tlsdns_shutdown(isc_nmsocket_t *sock) {
return;
}
if (atomic_load(&sock->connecting) || sock->accepting) {
return;
}
if (sock->tls.pending_req) {
if (sock->tls.pending_req != NULL) {
isc__nm_uvreq_t *req = sock->tls.pending_req;
sock->tls.pending_req = NULL;
isc__nm_failed_connect_cb(sock, req, ISC_R_CANCELED);
}
if (atomic_load(&sock->connecting) || sock->accepting) {
return;
}
if (sock->statichandle) {
isc__nm_failed_read_cb(sock, ISC_R_CANCELED);
return;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment