RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2025-01-31 02:22:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

MEDIUM: acl: strenghten the option parser to report invalid options

Browse Source 
Whatever ACL option beginning with a '-' is considered as a pattern
if it does not match a known option. This is a big problem because
typos are silently ignored, such as "-" or "-mi".

Better clearly check the complete option name and report a parsing
error if the option is unknown.
This commit is contained in:
Willy Tarreau 2014-05-11 09:43:46 +02:00
parent a3393955da
commit 2039bba41b
1 changed files with 11 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/acl.c
View File

@ -444,11 +444,11 @@ struct acl_expr *parse_acl_expr(const char **args, char **err, struct arg_list *
is_loaded = 0;
unique_id = -1;
while (**args == '-') {
if ((*args)[1] == 'i')
if (strcmp(*args, "-i") == 0)
patflags |= PAT_MF_IGNORE_CASE;
else if ((*args)[1] == 'n')
else if (strcmp(*args, "-n") == 0)
patflags |= PAT_MF_NO_DNS;
else if ((*args)[1] == 'u') {
else if (strcmp(*args, "-u") == 0) {
unique_id = strtol(args[1], &error, 10);
if (*error != '\0') {
memprintf(err, "the argument of -u must be an integer");
@ -463,7 +463,7 @@ struct acl_expr *parse_acl_expr(const char **args, char **err, struct arg_list *
args++;
}
else if ((*args)[1] == 'f') {
else if (strcmp(*args, "-f") == 0) {
if (!expr->pat.parse) {
memprintf(err, "matching method must be specified first (using '-m') when using a sample fetch of this type ('%s')", expr->kw);
goto out_free_expr;
@ -474,7 +474,7 @@ struct acl_expr *parse_acl_expr(const char **args, char **err, struct arg_list *
is_loaded = 1;
args++;
}
else if ((*args)[1] == 'm') {
else if (strcmp(*args, "-m") == 0) {
int idx;
if (is_loaded) {
@ -501,15 +501,18 @@ struct acl_expr *parse_acl_expr(const char **args, char **err, struct arg_list *
expr->pat.expect_type = pat_match_types[idx];
args++;
}
else if ((*args)[1] == 'M') {
else if (strcmp(*args, "-M") == 0) {
load_as_map = 1;
}
else if ((*args)[1] == '-') {
else if (strcmp(*args, "--") == 0) {
args++;
break;
}
else
else {
memprintf(err, "'%s' is not a valid ACL option. Please use '--' before any pattern beginning with a '-'", args[0]);
goto out_free_expr;
break;
}
args++;
}