- Fix Bug 5318: peer_digest.cc:399: "fetch->pd && receivedData.data" (#1584)

SOURCES/Bug-5318-fetch-pdreceivedData-data.patch

@@ -0,0 +1,46 @@
+From b6c01a2031944125b8cc6974f598c2cd66f0cee4 Mon Sep 17 00:00:00 2001
+From: Alex Rousskov <rousskov@measurement-factory.com>
+Date: Mon, 20 Nov 2023 23:05:00 +0000
+Subject: [PATCH] Bug 5318: peer_digest.cc:399: "fetch->pd &&
+ receivedData.data" (#1584)
+
+Recent commit 122a6e3 removed HTTP response headers from store_client
+responses. That removal created the possibility of an empty
+StoreIOBuffer at the beginning of the feeding sequence. Pending Bug 5317
+fix will make such buffers even more frequent. Existing store_client
+recipients have varying requirements with regard to empty response
+buffers, as documented in store_client::finishCallback(). We missed this
+requirement conflict in Cache Digest code. This fix adjusts Cache
+Digests code to be compatible with empty StoreIOBuffer representation in
+current store_client code.
+---
+ src/peer_digest.cc | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/peer_digest.cc b/src/peer_digest.cc
+index e29614afd2c..7d290cc9013 100644
+--- a/src/peer_digest.cc
++++ b/src/peer_digest.cc
+@@ -349,11 +349,11 @@ peerDigestHandleReply(void *data, StoreIOBuffer receivedData)
+         return;
+     }
+ 
+-    assert(fetch->pd && receivedData.data);
++    assert(fetch->pd);
+     /* The existing code assumes that the received pointer is
+      * where we asked the data to be put
+      */
+-    assert(fetch->buf + fetch->bufofs == receivedData.data);
++    assert(!receivedData.data || fetch->buf + fetch->bufofs == receivedData.data);
+ 
+     /* Update the buffer size */
+     fetch->bufofs += receivedData.length;
+@@ -635,7 +635,7 @@ peerDigestFetchedEnough(DigestFetchState * fetch, char *buf, ssize_t size, const
+     }
+ 
+     /* continue checking (maybe-successful eof case) */
+-    if (!reason && !size) {
++    if (!reason && !size && fetch->state != DIGEST_READ_REPLY) {
+         if (!pd->cd)
+             reason = "null digest?!";
+         else if (fetch->mask_offset != pd->cd->mask_size)

SPECS/squid.spec

@@ -2,7 +2,7 @@
 
 Name:     squid
 Version:  4.15
-Release:  7%{?dist}.5
+Release:  7%{?dist}.5.alma.1
 Summary:  The Squid proxy caching server
 Epoch:    7
 # See CREDITS for breakdown of non GPLv2+ code
@@ -66,6 +66,8 @@ Patch1008: squid-4.15-CVE-2023-46724.patch
 Patch1009: squid-4.15-CVE-2023-46728.patch
 Patch1010: squid-4.15-CVE-2023-49285.patch
 Patch1011: squid-4.15-CVE-2023-49286.patch
+# https://github.com/squid-cache/squid/commit/b6c01a2031944125b8cc6974f598c2cd66f0cee4
+Patch1012: Bug-5318-fetch-pdreceivedData-data.patch
 
 
 Requires: bash >= 2.0
@@ -150,6 +152,7 @@ lookup program (dnsserver), a program for retrieving FTP data
 %patch1009 -p1
 %patch1010 -p1
 %patch1011 -p1
+%patch1012 -p1
 
 # https://bugzilla.redhat.com/show_bug.cgi?id=1679526
 # Patch in the vendor documentation and used different location for documentation
@@ -366,6 +369,10 @@ fi
 
 
 %changelog
+* Wed Mar 06 2024 Eduard Abdullin <eabdullin@almalinux.org> - 7:4.15-7.5.alma.1
+- Fix Bug 5318: peer_digest.cc:399: "fetch->pd &&
+ receivedData.data" (#1584)
+
 * Wed Jan 03 2024 Tianyue Lan <tianyue.lan@oracle.com> - 7:4.15-7.5
 - Fix squid: Denial of Service in SSL Certificate validation (CVE-2023-46724)
 - Fix squid: NULL pointer dereference in the gopher protocol code (CVE-2023-46728)