TSG-3395 hijack内存泄漏修复
管控策略统计计数修改
This commit is contained in:
fengweihao
@@ -923,7 +923,7 @@ struct insert_ctx
|
||||
struct insert_rule *rule;
|
||||
struct tfe_http_half * replacing;
|
||||
struct evbuffer *http_body;
|
||||
int actually_replaced;
|
||||
int actually_inserted;
|
||||
};
|
||||
|
||||
struct ip_data_ctx
|
||||
@@ -1554,7 +1554,10 @@ static void http_redirect(const struct tfe_http_session * session, enum tfe_http
|
||||
{
|
||||
assert(0);
|
||||
}
|
||||
ATOMIC_INC(&(g_pangu_rt->stat_val[STAT_ACTION_REDIRECT]));
|
||||
if(ctx->enforce_rules[0].do_log > 0)
|
||||
{
|
||||
ATOMIC_INC(&(g_pangu_rt->stat_val[STAT_ACTION_REDIRECT]));
|
||||
}
|
||||
|
||||
response = tfe_http_session_response_create(to_write, resp_code);
|
||||
tfe_http_std_field_write(response, TFE_HTTP_LOCATION, rd_url);
|
||||
@@ -1589,6 +1592,7 @@ static void http_block(const struct tfe_http_session * session, enum tfe_http_ev
|
||||
ctx->action = PG_ACTION_NONE;
|
||||
return;
|
||||
}
|
||||
|
||||
struct tfe_http_session * to_write_sess = NULL;
|
||||
if (events & EV_HTTP_RESP_HDR || tfe_http_in_hdr(events))
|
||||
{
|
||||
@@ -1605,6 +1609,10 @@ static void http_block(const struct tfe_http_session * session, enum tfe_http_ev
|
||||
snprintf(cont_len_str, sizeof(cont_len_str), "%lu", page_size);
|
||||
tfe_http_std_field_write(response, TFE_HTTP_CONT_LENGTH, cont_len_str);
|
||||
|
||||
if(ctx->enforce_rules[0].do_log > 0)
|
||||
{
|
||||
ATOMIC_INC(&(g_pangu_rt->stat_val[STAT_ACTION_REJECT]));
|
||||
}
|
||||
tfe_http_half_append_body(response, page_buff, page_size, 0);
|
||||
tfe_http_half_append_body(response, NULL, 0, 0);
|
||||
tfe_http_session_response_set(to_write_sess, response);
|
||||
@@ -1613,6 +1621,10 @@ static void http_block(const struct tfe_http_session * session, enum tfe_http_ev
|
||||
}
|
||||
else
|
||||
{
|
||||
if(ctx->enforce_rules[0].do_log > 0)
|
||||
{
|
||||
ATOMIC_INC(&(g_pangu_rt->stat_val[STAT_ACTION_REJECT]));
|
||||
}
|
||||
to_write_sess = tfe_http_session_allow_write(session);
|
||||
tfe_http_session_kill(to_write_sess);
|
||||
}
|
||||
@@ -1666,13 +1678,17 @@ static void http_hijack(const struct tfe_http_session * session, enum tfe_http_e
|
||||
}
|
||||
if (try_send_by_token(hijack_size) <= 0)
|
||||
{
|
||||
FREE(&hijack_buff);
|
||||
TFE_LOG_ERROR(g_pangu_rt->local_logger, "No token is available to send data, profile_id = %d", param->profile_id);
|
||||
ctx->action = PG_ACTION_NONE;
|
||||
return;
|
||||
}
|
||||
ctx->inject_sz = hijack_size;
|
||||
ATOMIC_ADD(&(g_pangu_rt->stat_val[STAT_ACTION_HIJACK_SZ]), hijack_size);
|
||||
|
||||
if(ctx->enforce_rules[0].do_log > 0)
|
||||
{
|
||||
ATOMIC_ADD(&(g_pangu_rt->stat_val[STAT_ACTION_HIJACK_SZ]), hijack_size);
|
||||
ATOMIC_INC(&(g_pangu_rt->stat_val[STAT_ACTION_HIJACK]));
|
||||
}
|
||||
char cont_len_str[16];
|
||||
|
||||
to_write_sess = tfe_http_session_allow_write(session);
|
||||
@@ -1686,7 +1702,6 @@ static void http_hijack(const struct tfe_http_session * session, enum tfe_http_e
|
||||
tfe_http_nonstd_field_write(response, "Content-Disposition", hijack_file_name);
|
||||
FREE(&hijack_file_name);
|
||||
}
|
||||
ATOMIC_INC(&(g_pangu_rt->stat_val[STAT_ACTION_HIJACK]));
|
||||
|
||||
const char* cont_disposition_val=tfe_http_std_field_read(to_write_sess->resp, TFE_HTTP_CONT_DISPOSITION);
|
||||
if (cont_disposition_val != NULL)
|
||||
@@ -1702,6 +1717,7 @@ static void http_hijack(const struct tfe_http_session * session, enum tfe_http_e
|
||||
tfe_http_session_response_set(to_write_sess, response);
|
||||
tfe_http_session_detach(session);
|
||||
ma_profile_table_free(hijack_profile);
|
||||
FREE(&hijack_buff);
|
||||
hijack_profile = NULL;
|
||||
}
|
||||
else
|
||||
@@ -1779,7 +1795,6 @@ static void http_insert(const struct tfe_stream * stream, const struct tfe_http_
|
||||
return;
|
||||
}
|
||||
ctx->inject_sz = ins_ctx->rule->inject_sz;
|
||||
ATOMIC_ADD(&(g_pangu_rt->stat_val[STAT_ACTION_INSERT_SZ]), ctx->inject_sz);
|
||||
}
|
||||
else
|
||||
{
|
||||
@@ -1849,8 +1864,12 @@ static void http_insert(const struct tfe_stream * stream, const struct tfe_http_
|
||||
if (rewrite_sz >0)
|
||||
{
|
||||
tfe_http_half_append_body(ins_ctx->replacing, rewrite_buff, rewrite_sz, 0);
|
||||
ATOMIC_INC(&(g_pangu_rt->stat_val[STAT_ACTION_INSERT]));
|
||||
ins_ctx->actually_replaced=1;
|
||||
if(ctx->enforce_rules[0].do_log > 0)
|
||||
{
|
||||
ATOMIC_INC(&(g_pangu_rt->stat_val[STAT_ACTION_INSERT]));
|
||||
ATOMIC_ADD(&(g_pangu_rt->stat_val[STAT_ACTION_INSERT_SZ]), ctx->inject_sz);
|
||||
}
|
||||
ins_ctx->actually_inserted=1;
|
||||
}
|
||||
else
|
||||
{
|
||||
@@ -1897,7 +1916,6 @@ static void http_manipulate(const struct tfe_stream * stream, const struct tfe_h
|
||||
break;
|
||||
case MA_ACTION_BLOCK:
|
||||
http_block(session, events, ctx);
|
||||
ATOMIC_INC(&(g_pangu_rt->stat_val[STAT_ACTION_REJECT]));
|
||||
break;
|
||||
case MA_ACTION_REPLACE:
|
||||
http_replace(stream, session, events, body_frag, frag_size, ctx);
|
||||
@@ -2052,7 +2070,6 @@ void enforce_control_policy(const struct tfe_stream * stream, const struct tfe_h
|
||||
break;
|
||||
case PG_ACTION_REJECT:
|
||||
http_block(session, events, ctx);
|
||||
ATOMIC_INC(&(g_pangu_rt->stat_val[STAT_ACTION_REJECT]));
|
||||
break;
|
||||
case PG_ACTION_MANIPULATE:
|
||||
http_manipulate(stream, session, events, body_frag, frag_size, ctx);
|
||||
@@ -2400,7 +2417,7 @@ static inline int ctx_actually_replaced(struct pangu_http_ctx * ctx)
|
||||
|
||||
if(ctx->action == PG_ACTION_MANIPULATE &&
|
||||
ctx->param->action == MA_ACTION_REPLACE &&
|
||||
ctx->n_enforce==1 && ctx->rep_ctx->actually_replaced==0)
|
||||
ctx->n_enforce==1 && ctx->rep_ctx->actually_replaced==1)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
@@ -2415,7 +2432,7 @@ static inline int ctx_actually_inserted(struct pangu_http_ctx * ctx)
|
||||
|
||||
if(ctx->action == PG_ACTION_MANIPULATE &&
|
||||
ctx->param->action == MA_ACTION_INSERT &&
|
||||
ctx->n_enforce==1 && ctx->ins_ctx->actually_replaced==0)
|
||||
ctx->n_enforce==1 && ctx->ins_ctx->actually_inserted==1)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
@@ -2430,7 +2447,7 @@ static inline int ctx_actually_manipulate(struct pangu_http_ctx * ctx)
|
||||
if(ctx->action == PG_ACTION_MANIPULATE &&
|
||||
(ctx->param->action == MA_ACTION_REDIRECT ||
|
||||
ctx->param->action == MA_ACTION_HIJACK)&&
|
||||
ctx->n_enforce==1 && ctx->manipulate_replaced==0)
|
||||
ctx->n_enforce==1 && ctx->manipulate_replaced==1)
|
||||
{
|
||||
return 1;
|
||||
}
|
||||
@@ -2482,20 +2499,23 @@ void pangu_on_http_end(const struct tfe_stream * stream,
|
||||
log_msg.action = ctx->param->action;
|
||||
}
|
||||
|
||||
if ((ctx->action != PG_ACTION_NONE&&
|
||||
!(ctx_actually_replaced(ctx))) ||
|
||||
(ctx->action != PG_ACTION_NONE&&
|
||||
!(ctx_actually_inserted(ctx))) ||
|
||||
(ctx->action != PG_ACTION_NONE&&
|
||||
!(ctx_actually_manipulate(ctx))))
|
||||
if(ctx->action != PG_ACTION_NONE &&
|
||||
(((ctx_actually_replaced(ctx)) ||
|
||||
(ctx_actually_inserted(ctx)) ||
|
||||
(ctx_actually_manipulate(ctx))) ||
|
||||
(ctx->action == PG_ACTION_MONIT ||
|
||||
ctx->action == PG_ACTION_REJECT ||
|
||||
ctx->action == PG_ACTION_WHITELIST)))
|
||||
{
|
||||
ret=pangu_send_log(g_pangu_rt->send_logger, &log_msg);
|
||||
ATOMIC_ADD(&(g_pangu_rt->stat_val[STAT_LOG_NUM]), ret);
|
||||
}
|
||||
if(ctx->rep_ctx && ctx->rep_ctx->actually_replaced==1)
|
||||
|
||||
if(ctx->rep_ctx && ctx->rep_ctx->actually_replaced==1 && ctx->enforce_rules[0].do_log ==1)
|
||||
{
|
||||
ATOMIC_INC(&(g_pangu_rt->stat_val[STAT_ACTION_REPLACE]));
|
||||
}
|
||||
|
||||
TFE_LOG_DEBUG(g_pangu_rt->local_logger, "cache %s %s upload=%d",
|
||||
session->req->req_spec.url,
|
||||
cache_pending_result_string(ctx->pending_result),
|
||||
|
||||
Reference in New Issue
Block a user