haproxy/include/import
Remi Tricot-Le Breton 2608e348be BUG/MEDIUM: ebtree: Invalid read when looking for dup entry
The first item inserted into an ebtree will be inserted directly below
the root, which is a simple struct eb_root which only holds two branch
pointers (left and right).
If we try to find a duplicated entry to this first leaf through a
ebmb_next_dup, our leaf_p pointer will point to the eb_root instead of a
complete eb_node so we cannot look for the bit part of our leaf_p since
it would try to cast our eb_root into an eb_node and perform an out of
bounds access when reading "eb_root_to_node(eb_untag(t,EB_LEFT)))->bit".
This bug was found by address sanitizer running on a CRL hot update VTC
test.

Note that the bug has been there since the import of the eb_next_dup()
and eb_prev_dup() function in 1.5-dev19 by commit 2b5702030 ("MINOR:
ebtree: add new eb_next_dup/eb_prev_dup() functions to visit duplicates").

It can be backported to all stable branches.
2021-05-18 19:26:21 +02:00
..
atomic-ops.h MINOR: plock: use an ARMv8 instruction barrier for the pause instruction 2020-11-29 14:53:33 +01:00
eb32sctree.h
eb32tree.h
eb64tree.h
ebimtree.h
ebistree.h
ebmbtree.h CLEANUP: Fix spelling errors in comments 2021-01-08 14:56:32 +01:00
ebpttree.h
ebsttree.h
ebtree.h BUG/MEDIUM: ebtree: Invalid read when looking for dup entry 2021-05-18 19:26:21 +02:00
ist.h MINOR: ist: Add `istclear(struct ist*)` 2021-04-14 19:49:33 +02:00
lru.h
mjson.h MINOR: sample: converter: Add mjson library. 2021-04-15 17:05:38 +02:00
plock.h BUILD: plock: remove dead code that causes a warning in gcc 11 2020-12-21 10:27:18 +01:00
sha1.h
slz-tables.h IMPORT: slz: do not produce the crc32_fast table when CRC is natively supported 2021-05-12 09:29:33 +02:00
slz.h IMPORT: slz: use inttypes.h instead of stdint.h 2021-05-14 08:44:52 +02:00
xxhash.h BUG/MINOR: xxhash: make sure armv6 uses memcpy() 2021-02-04 17:14:58 +01:00