trafficserver/CVE-2024-38479.patch

From b8861231702ac5df7d5de401e82440c1cf20b633 Mon Sep 17 00:00:00 2001
From: Bryan Call <bcall@apache.org>
Date: Tue, 12 Nov 2024 09:51:49 -0800
Subject: [PATCH] Add matrix params to the cachekey in the cachekey plugin
 (#11856)

Origin: https://github.com/apache/trafficserver/commit/b8861231702ac5df7d5de401e82440c1cf20b633

---
 plugins/cachekey/cachekey.cc | 21 +++++++++++++++++++++
 plugins/cachekey/cachekey.h  |  1 +
 plugins/cachekey/configs.cc  | 14 ++++++++++++++
 plugins/cachekey/configs.h   | 11 +++++++++++
 plugins/cachekey/plugin.cc   |  4 ++++
 5 files changed, 51 insertions(+)

diff --git a/plugins/cachekey/cachekey.cc b/plugins/cachekey/cachekey.cc
index babc78cc999..38286e7eb28 100644
--- a/plugins/cachekey/cachekey.cc
+++ b/plugins/cachekey/cachekey.cc
@@ -673,6 +673,27 @@ CacheKey::appendQuery(const ConfigQuery &config)
   }
 }
 
+void
+CacheKey::appendMatrix(const ConfigMatrix &config)
+{
+  if (config.toBeRemoved()) {
+    return;
+  }
+
+  const char *matrix;
+  int length;
+
+  matrix = TSUrlHttpParamsGet(_buf, _url, &length);
+  if (matrix == nullptr || length == 0) {
+    return;
+  }
+
+  if (matrix && length) {
+    _key.append(";");
+    _key.append(matrix, length);
+  }
+}
+
 /**
  * @brief Append User-Agent header captures specified in the Pattern configuration object.
  *
diff --git a/plugins/cachekey/cachekey.h b/plugins/cachekey/cachekey.h
index 0b47e85984d..dc208f93bb4 100644
--- a/plugins/cachekey/cachekey.h
+++ b/plugins/cachekey/cachekey.h
@@ -63,6 +63,7 @@ class CacheKey
   void appendPath(Pattern &pathCapture, Pattern &pathCaptureUri);
   void appendHeaders(const ConfigHeaders &config);
   void appendQuery(const ConfigQuery &config);
+  void appendMatrix(const ConfigMatrix &config);
   void appendCookies(const ConfigCookies &config);
   void appendUaCaptures(Pattern &config);
   bool appendUaClass(Classifier &classifier);
diff --git a/plugins/cachekey/configs.cc b/plugins/cachekey/configs.cc
index b2bc42d5e70..d6ef13aea68 100644
--- a/plugins/cachekey/configs.cc
+++ b/plugins/cachekey/configs.cc
@@ -208,6 +208,20 @@ ConfigQuery::name() const
   return _NAME;
 }
 
+bool
+ConfigMatrix::finalize()
+{
+  _remove = noIncludeExcludeRules();
+  return true;
+}
+
+const String ConfigMatrix::_NAME = "matrix parameter";
+inline const String &
+ConfigMatrix::name() const
+{
+  return _NAME;
+}
+
 /**
  * @briefs finalizes the headers related configuration.
  *
diff --git a/plugins/cachekey/configs.h b/plugins/cachekey/configs.h
index e98b69afd48..f5d24bdbe3c 100644
--- a/plugins/cachekey/configs.h
+++ b/plugins/cachekey/configs.h
@@ -112,6 +112,16 @@ class ConfigQuery : public ConfigElements
   static const String _NAME;
 };
 
+class ConfigMatrix : public ConfigElements
+{
+public:
+  bool finalize() override;
+
+private:
+  const String &name() const override;
+  static const String _NAME;
+};
+
 /**
  * @brief Headers configuration class.
  */
@@ -210,6 +220,7 @@ class Configs
   /* Make the following members public to avoid unnecessary accessors */
   ConfigQuery _query;        /**< @brief query parameter related configuration */
   ConfigHeaders _headers;    /**< @brief headers related configuration */
+  ConfigMatrix _matrix;      /**< @brief matrix parameter related configuration */
   ConfigCookies _cookies;    /**< @brief cookies related configuration */
   Pattern _uaCapture;        /**< @brief the capture groups and the replacement string used for the User-Agent header capture */
   String _prefix;            /**< @brief cache key prefix string */
diff --git a/plugins/cachekey/plugin.cc b/plugins/cachekey/plugin.cc
index d92c079271a..b863b94a0d5 100644
--- a/plugins/cachekey/plugin.cc
+++ b/plugins/cachekey/plugin.cc
@@ -64,6 +64,10 @@ setCacheKey(TSHttpTxn txn, Configs *config, TSRemapRequestInfo *rri = nullptr)
     if (!config->pathToBeRemoved()) {
       cachekey.appendPath(config->_pathCapture, config->_pathCaptureUri);
     }
+
+    /* Append the matrix parameters to the cache key. */
+    cachekey.appendMatrix(config->_matrix);
+
     /* Append query parameters to the cache key. */
     cachekey.appendQuery(config->_query);