From: Fabian Keil Date: Sun, 16 Oct 2011 12:40:34 +0000 (+0000) Subject: Fix a logic bug that could cause Privoxy to reuse a tainted server socket X-Git-Tag: v_3_0_18~88 X-Git-Url: http://www.privoxy.org/gitweb/user-manual/introduction.html?a=commitdiff_plain;h=9f64327796090c2d4c10400df689ef0eedf78ab6;p=privoxy.git Fix a logic bug that could cause Privoxy to reuse a tainted server socket It could happen for server sockets that got tainted by a server-header-tagger-induced block, in which case Privoxy doesn't necessarily read the whole server response. If keep-alive was enabled and the request following the blocked one was to the same host and using the same forwarding settings, Privoxy would send it on the tainted server socket. While the server would simply treat it as a pipelined request, Privoxy would later on fail to properly parse the server's response as it would try to parse the unread data from the first response as server headers for the second one. Regression introduced in jcc.c,v 1.315. --- diff --git a/jcc.c b/jcc.c index a3f14287..0345cafb 100644 --- a/jcc.c +++ b/jcc.c @@ -1,4 +1,4 @@ -const char jcc_rcs[] = "$Id: jcc.c,v 1.365 2011/09/04 11:10:56 fabiankeil Exp $"; +const char jcc_rcs[] = "$Id: jcc.c,v 1.366 2011/10/08 17:30:21 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/jcc.c,v $ @@ -2513,9 +2513,9 @@ static void serve(struct client_state *csp) continue_chatting = (csp->config->feature_flags & RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE) - && (((csp->flags & CSP_FLAG_SERVER_CONNECTION_KEEP_ALIVE) - && !(csp->flags & CSP_FLAG_SERVER_SOCKET_TAINTED)) - || (csp->flags & CSP_FLAG_CRUNCHED)) + && !(csp->flags & CSP_FLAG_SERVER_SOCKET_TAINTED) + && ((csp->flags & CSP_FLAG_SERVER_CONNECTION_KEEP_ALIVE) + || (csp->flags & CSP_FLAG_CRUNCHED)) && (csp->cfd != JB_INVALID_SOCKET) && (csp->flags & CSP_FLAG_CLIENT_CONNECTION_KEEP_ALIVE);
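Review bot: In the serve() hunk, the regrouped continue_chatting expression has no comment explaining why `!(csp->flags & CSP_FLAG_SERVER_SOCKET_TAINTED)` must now guard the `CSP_FLAG_CRUNCHED` branch as well as the `CSP_FLAG_SERVER_CONNECTION_KEEP_ALIVE` branch. The removed lines show how easily that grouping goes wrong. Please add a short comment above the assignment saying that a crunched response can leave unread server data on the socket (the server-header-tagger case from the commit message), so the tainted check has to apply to both branches. Also, as written, a set TAINTED flag makes continue_chatting false regardless of `CSP_FLAG_CLIENT_CONNECTION_KEEP_ALIVE`. If giving up the client side of the exchange is intended rather than only avoiding reuse of the server socket, the comment should say so.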