RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2024-12-21 03:00:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

BUG/MEDIUM: peers: fix segfault using multiple bind on peers sections

Browse Source 
If multiple "bind" lines were present on the "peers" section, multiple
listeners were added to a list but the code mistakenly initialize
the first member and this first listener was re-configured instead of
the newly created one. The last one remains uninitialized causing a null
dereference a soon a connection is received.

In addition, the 'peers' sections and protocol are not currently designed to
handle multiple listeners.

This patch check if there is already a listener configured on the 'peers'
section when we want to create a new one. This is rising an error if
a listener is already present showing the file and line in the error
message.

To keep the file and line number of the previous listener available
for the error message, the 'bind_conf_uniq_alloc' function was modified
to keep the file/line data the struct 'bind_conf' was firstly
allocated (previously it was updated each time the 'bind_conf' was
reused).

This patch should be backported until version 2.0
This commit is contained in:
Emeric Brun 2022-05-25 10:12:07 +02:00 committed by Christopher Faulet
parent 4315d17d3f
commit 49f6f4b1a7
1 changed files with 14 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
src/cfgparse.c
View File

@ -615,9 +615,10 @@ static struct bind_conf *bind_conf_uniq_alloc(struct proxy *p,
if (!LIST_ISEMPTY(&p->conf.bind)) {
bind_conf = LIST_ELEM((&p->conf.bind)->n, typeof(bind_conf), by_fe);
free(bind_conf->file);
bind_conf->file = strdup(file);
bind_conf->line = line;
/*
* We keep bind_conf->file and bind_conf->line unchanged
* to make them available for error messages
*/
if (arg) {
free(bind_conf->arg);
bind_conf->arg = strdup(arg);
@ -712,6 +713,11 @@ int cfg_parse_peers(const char *file, int linenum, char **args, int kwm)
goto out;
}
if (!LIST_ISEMPTY(&bind_conf->listeners)) {
ha_alert("parsing [%s:%d] : One listener per \"peers\" section is authorized but another is already configured at [%s:%d].\n", file, linenum, bind_conf->file, bind_conf->line);
err_code |= ERR_FATAL;
}
if (!str2listener(args[1], curpeers->peers_fe, bind_conf, file, linenum, &errmsg)) {
if (errmsg && *errmsg) {
indent_msg(&errmsg, 2);
@ -910,6 +916,11 @@ int cfg_parse_peers(const char *file, int linenum, char **args, int kwm)
bind_conf = bind_conf_uniq_alloc(curpeers->peers_fe, file, linenum, args[2], xprt_get(XPRT_RAW));
if (!LIST_ISEMPTY(&bind_conf->listeners)) {
ha_alert("parsing [%s:%d] : One listener per \"peers\" section is authorized but another is already configured at [%s:%d].\n", file, linenum, bind_conf->file, bind_conf->line);
err_code |= ERR_FATAL;
}
if (!str2listener(args[2], curpeers->peers_fe, bind_conf, file, linenum, &errmsg)) {
if (errmsg && *errmsg) {
indent_msg(&errmsg, 2);