Bug ID 738669: Login validation may fail for a large request with early server response

Last Modified: Oct 24, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP FPS(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3,,,,,,, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0,,,,,,,,, 13.1.1,, 14.0.0,,,,,, 14.0.1,

Fixed In:

Opened: Jul 30, 2018
Severity: 3-Major


in case of large request/response, if FPS needs to store ingress and ingress chunks in buffer for additional processing (ingress :: for parameter parsing, egress :: for login validation's banned/mandatory strings check or scripts injection), if the server responds fast enough, the buffer may contain mixed parts of request/response. This may have several effects, from incorrectly performing login-validation to generating a tmm core file.


This results in one or more of the following: -- Login validation failure/skip. -- Bad response/script injection. -- tmm core. In this case, traffic is disrupted while tmm restarts.


-- Login validation is enabled and configured to check for banned/mandatory string. -- A username parameter is configured. -- There are no parameters configured for encrypt/HTML Field Obfuscation (HFO), and no decoy parameters. -- There is a large request and response. -- The system response very quickly.



Fix Information

FPS now handles ingress/egress buffers separately, so this issue no longer occurs.

Behavior Change