mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2025-03-01 00:50:53 +00:00
BUG/MEDIUM: http-act: Don't replace URI if path is not found or invalid
For replace-path, replace-pathq and replace-uri actions, we must take care to not match on the selected element if it is not defined. regex_exec_match2() function expects to be called with a defined subject. However, if the request path is invalid or not found, the function is called with a NULL subject, leading to a crash when compiled without the PRCE/PCRE2 support. For instance the following rules crashes HAProxy on a CONNECT request: http-request replace-path /short/(.) /\1 This patch must be backported as far as 2.0.
This commit is contained in:
parent
21ac0eec28
commit
114e759d5d
@ -538,6 +538,9 @@ static enum act_return http_action_replace_uri(struct act_rule *rule, struct pro
|
||||
uri = http_parse_path(&parser);
|
||||
}
|
||||
|
||||
if (!istlen(uri))
|
||||
goto leave;
|
||||
|
||||
if (!regex_exec_match2(rule->arg.http.re, uri.ptr, uri.len, MAX_MATCH, pmatch, 0))
|
||||
goto leave;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user