From 645dc08533531416b91ca74ff5aa03154dc0ee50 Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Wed, 31 Mar 2021 11:41:36 +0200 Subject: [PATCH] BUG/MINOR: http_fetch: make hdr_ip() resistant to empty fields The fix in commit 7b0e00d94 ("BUG/MINOR: http_fetch: make hdr_ip() reject trailing characters") made hdr_ip() more sensitive to empty fields, for example if a trusted proxy incorrectly sends the header with an empty value, we could return 0.0.0.0 which is not correct. Let's make sure we only assign an IPv4 type here when a non-empty address was found. This should be backported to all branches where the fix above was backported. --- src/http_fetch.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/http_fetch.c b/src/http_fetch.c index a4169452f..6c569a75b 100644 --- a/src/http_fetch.c +++ b/src/http_fetch.c @@ -1004,7 +1004,7 @@ static int smp_fetch_hdr_ip(const struct arg *args, struct sample *smp, const ch smp->data.u.str.data); temp->area[smp->data.u.str.data] = '\0'; len = url2ipv4((char *) temp->area, &smp->data.u.ipv4); - if (len == smp->data.u.str.data) { + if (len > 0 && len == smp->data.u.str.data) { /* plain IPv4 address */ smp->data.type = SMP_T_IPV4; break;