From 18cca781f5384f060704ad80018d80bdd4e01e76 Mon Sep 17 00:00:00 2001
From: Christopher Faulet <cfaulet@haproxy.com>
Date: Thu, 7 Feb 2019 16:29:41 +0100
Subject: [PATCH] BUG/MINOR: config: Reinforce validity check when a process
 number is parsed

Now, in the function parse_process_number(), when a process number or a set of
processes is parsed, an error is triggered if an invalid character is found. It
means following syntaxes are not forbidden and will emit an alert during the
HAProxy startup:

  1a
  1/2
  1-2-3

This bug was reported on Github. See issue #36.

This patch may be backported to 1.9 and 1.8.
---
 src/cfgparse.c | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/src/cfgparse.c b/src/cfgparse.c
index d7d18c6b1..e178db069 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -369,16 +369,20 @@ int parse_process_number(const char *arg, unsigned long *proc, int max, int *aut
 	else if (strcmp(arg, "even") == 0)
 		*proc |= (~0UL/3UL) << 1; /* 0xAAA...AAA */
 	else {
-		char *dash;
+		const char *p, *dash = NULL;
 		unsigned int low, high;
 
-		if (!isdigit((int)*arg)) {
-			memprintf(err, "'%s' is not a valid number.\n", arg);
-			return -1;
+		for (p = arg; *p; p++) {
+			if (*p == '-' && !dash)
+				dash = p;
+			else if (!isdigit((int)*p)) {
+				memprintf(err, "'%s' is not a valid number/range.", arg);
+				return -1;
+			}
 		}
 
 		low = high = str2uic(arg);
-		if ((dash = strchr(arg, '-')) != NULL)
+		if (dash)
 			high = ((!*(dash+1)) ? max : str2uic(dash + 1));
 
 		if (high < low) {