Bug ID 610201: Undefined behavior when calling HTTP::payload within HTTP_REQUEST_SEND iRule event

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6, 13.0.0

Fixed In:
13.1.0, 13.0.0 HF1

Opened: Aug 10, 2016
Severity: 4-Minor

Symptoms

The invocation of HTTP::payload iRule API within the HTTP_REQUEST_SEND iRule event may lead to undefined behavior, such as retrieval of invalid HTTP data, or system crash.

Impact

Corrupted HTTP data or system crash may result from the invocation of the HTTP::payload API within the HTTP_REQUEST_SEND iRule event.

Conditions

The problem manifests itself exclusively with iRules attached to HTTP virtual servers, where the iRules are using the HTTP::payload API invocation within the HTTP_REQUEST_SEND server-side event.

Workaround

The HTTP::payload API should not be invoked within the HTTP_REQUEST_SEND iRule event. According to the underlying API documentation, the valid HTTP events should be limited to CACHE_REQUEST, CACHE_RESPONSE, HTTP_REQUEST, HTTP_REQUEST_DATA, HTTP_RESPONSE, HTTP_RESPONSE_CONTINUE, HTTP_RESPONSE_DATA.

Fix Information

The HTTP::payload API should not be invoked within the HTTP_REQUEST_SEND iRule event. According to the underlying API documentation, the valid HTTP events should be limited to CACHE_REQUEST, CACHE_RESPONSE, HTTP_REQUEST, HTTP_REQUEST_DATA, HTTP_RESPONSE, HTTP_RESPONSE_CONTINUE, HTTP_RESPONSE_DATA.

Behavior Change