RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2024-12-26 14:42:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

BUG/MINOR: cfgparse: Abort parsing the current line if an invalid \x sequence is encountered

Browse Source 
This fixes OSS Fuzz issue https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21931.

OSS Fuzz detected a hang on configuration parsing for a 200kB line with a large number of
invalid escape sequences. Most likely due to the amounts of error output generated.

This issue is very minor, because usually generated configurations are to be trusted.

The bug exists since at the very least HAProxy 1.4. The patch may be backported if desired.
This commit is contained in:
Tim Duesterhus 2020-05-07 19:21:31 +02:00 committed by Willy Tarreau
parent f1dccedcf6
commit e6291956e7
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/cfgparse.c
View File

@ -1967,6 +1967,7 @@ next_line:
else {
ha_alert("parsing [%s:%d] : invalid or incomplete '\\x' sequence in '%s'.\n", file, linenum, args[0]);
err_code |= ERR_ALERT | ERR_FATAL;
goto next_line;
}
} else if (line[1] == '"') {
*line = '"';