From 65189c17c694b0b44e0d324d63c055f5329e61c9 Mon Sep 17 00:00:00 2001 From: Tim Duesterhus Date: Tue, 26 Jun 2018 15:57:29 +0200 Subject: [PATCH] BUG/MAJOR: stick_table: Complete incomplete SEGV fix This commit completes the incomplete segmentation fault fix in commit ac1f3ed64b58bd178865c6f2cc8f6f306d9e1e15. Likewise it must be backported to haproxy 1.8. --- reg-tests/stick-table/h00000.vtc | 30 ++++++++++++++++++++++++++++++ src/stick_table.c | 6 ++++-- 2 files changed, 34 insertions(+), 2 deletions(-) create mode 100644 reg-tests/stick-table/h00000.vtc diff --git a/reg-tests/stick-table/h00000.vtc b/reg-tests/stick-table/h00000.vtc new file mode 100644 index 0000000000..1071bc04fe --- /dev/null +++ b/reg-tests/stick-table/h00000.vtc @@ -0,0 +1,30 @@ +# Shipped with the commit fixing the bug. + +varnishtest "Stick Table: Crash when accessing unknown key." +feature ignore_unknown_macro + +server s0 { + rxreq + txresp +} -start + +haproxy h0 -conf { + defaults + timeout connect 5000ms + timeout client 50000ms + timeout server 50000ms + + frontend test + mode http + bind "fd@${fe1}" + stick-table type ip size 1m expire 1h store gpc0 + http-request deny if { src,table_trackers(test) eq 1 } + http-request deny if { src,in_table(test) } + http-request deny deny_status 200 +} -start + +client c0 -connect ${h0_fe1_sock} { + txreq -url "/" + rxresp + expect resp.status == 200 +} -run diff --git a/src/stick_table.c b/src/stick_table.c index 4294654551..8e16830d06 100644 --- a/src/stick_table.c +++ b/src/stick_table.c @@ -1596,8 +1596,10 @@ static int sample_conv_table_trackers(const struct arg *arg_p, struct sample *sm smp->data.type = SMP_T_SINT; smp->data.u.sint = 0; - if (ts) - smp->data.u.sint = ts->ref_cnt; + if (!ts) + return 1; + + smp->data.u.sint = ts->ref_cnt; stktable_release(t, ts); return 1;