Back to Trending

How we found a bug in the hyper HTTP library

Cloudflare Blog 2026-06-22 18:00:00
Context: Cloudflare's Images service, built on Rust and running on their edge network, utilizes the hyper HTTP library to handle client connections. In December 2025, the Images team replaced an intermediary service, FL, with a new internal worker binding that directly connects services on the same machine, bypassing FL and its associated network overhead. Shortly after this rollout, intermittent failures were reported for image transformation requests from the Images binding, particularly for larger images.

Key Facts

  • Cloudflare's Images service, built in Rust on Workers, runs on every machine in Cloudflare's edge network and uses the hyper HTTP library to handle client connections.
  • The Images binding was rearchitected at the end of 2025 to provide a more direct, local connection between the Workers runtime and the Images service, replacing FL with a new internal worker binding that uses Unix sockets.
  • The bug, a race condition in the hyper library, occurred when the outbound buffer filled up and hyper had to wait for room to continue writing, causing the image data to be truncated, with responses being cut short, sometimes to a few hundred kilobytes instead of the expected several megabytes.
  • The issue was identified through a combination of customer reports, testing, and investigation, including building a reproduction worker that mimicked the customer's setup and triggered the bug with the binding alone.
Read full article & support publisher (opens in a new tab)
Link

Summarised in seconds by Grasp AI

Cut out the noise. Build your own custom factual news feed for free, or summarise any article instantly.

Create your free dashboard