Hi dichen,
On Fri, 2021-08-20 at 20:44 +0800, Di Chen via Elfutils-devel wrote:
> 1) moved the XFF check to handle_buildid.
> 2) replace "livelock" with "deadlock" in the commit message.
This looks very good, thanks not just for the code but for also
including documentation and a testcase.
I did
s function. Was there some reason not to perform
> the XFF comma-counting right here?
>
>
> - FChE
>
>
From a0b3d4ba3d15b83d23d3594b614c8e72b87e626c Mon Sep 17 00:00:00 2001
From: Di Chen
Date: Fri, 20 Aug 2021 13:03:21 +0800
Subject: [PATCH] debuginfod: PR27917 - protect against
Hi -
> This patch aims to reduce the risk by adding an option to debuginfod
> that functions kind of like an IP packet's TTL: a limit on the
> length of XFF: header that debuginfod is willing to process. If
> X-Forwarded-For: exceeds N hops, it will not delegate a local lookup
> miss to upstream d
>From a726d9868f4e02d390b9071180b0c3728da3750e Mon Sep 17 00:00:00 2001
From: Di Chen
Date: Sun, 8 Aug 2021 16:57:12 +0800
Subject: [PATCH] debuginfod: PR27917 - protect against federation loops
If someone misconfigures a debuginfod federation to have loops, and a
nonexistent
buildid lookup
