haproxy public development tree
Go to file
Willy Tarreau da21ed1662 BUG/MINOR: spoe: add missing key length check before checking key names
The spoe parser fails to check that the decoded key length is large
enough to match a given key but it uses the returned length in memcmp().
So returning "ver" could match "version" for example. In addition this
makes clang 10's ASAN complain because the second argument to memcmp()
is the static key which is shorter than the decoded buffer size, which
in practice has no impact.

I'm still not 100% sure the parser is entirely correct because even
with this fix it cannot parse a key whose name matches the beginning
of another one, but in practice this does not happen. Ideally a
preliminary length check before the comparison would be safer.

This needs to be backported as far as 1.7.
2020-06-16 18:25:40 +02:00
.github CI: extend spellchecker whitelist 2020-05-11 10:10:26 +02:00
contrib BUILD: include: add sys/types before netinet/tcp.h 2020-06-11 11:22:44 +02:00
doc [RELEASE] Released version 2.2-dev9 2020-06-11 10:22:10 +02:00
examples
include MINOR: tools: add a new configurable line parse, parse_line() 2020-06-16 16:27:26 +02:00
reg-tests MINOR: sample: Add secure_memcmp converter 2020-06-09 22:04:13 +02:00
scripts REORG: include: move version.h to haproxy/ 2020-06-11 10:18:56 +02:00
src BUG/MINOR: spoe: add missing key length check before checking key names 2020-06-16 18:25:40 +02:00
tests REORG: include: split mini-clist into haproxy/list and list-t.h 2020-06-11 10:18:56 +02:00
.cirrus.yml CI: cirrus-ci: skip reg-tests/connection/proxy_protocol_send_unique_id_alpn.vtc on CentOS 6 2020-05-28 16:51:36 +02:00
.gitignore
.travis.yml CI: travis-ci: use "-O1" for clang builds 2020-06-13 22:59:03 +02:00
BRANCHES DOC: assorted typo fixes in the documentation 2020-03-09 14:45:58 +01:00
CHANGELOG [RELEASE] Released version 2.2-dev9 2020-06-11 10:22:10 +02:00
CONTRIBUTING
INSTALL BUILD: Makefile: add linux-musl to TARGET 2020-04-16 15:17:13 +02:00
LICENSE
MAINTAINERS REORG: include: split hathreads into haproxy/thread.h and haproxy/thread-t.h 2020-06-11 10:18:56 +02:00
Makefile BUILD: Re-enable -Wimplicit-fallthrough 2020-06-11 16:49:37 +02:00
README
ROADMAP
SUBVERS
VERDATE [RELEASE] Released version 2.2-dev9 2020-06-11 10:22:10 +02:00
VERSION [RELEASE] Released version 2.2-dev9 2020-06-11 10:22:10 +02:00

The HAProxy documentation has been split into a number of different files for
ease of use.

Please refer to the following files depending on what you're looking for :

  - INSTALL for instructions on how to build and install HAProxy
  - BRANCHES to understand the project's life cycle and what version to use
  - LICENSE for the project's license
  - CONTRIBUTING for the process to follow to submit contributions

The more detailed documentation is located into the doc/ directory :

  - doc/intro.txt for a quick introduction on HAProxy
  - doc/configuration.txt for the configuration's reference manual
  - doc/lua.txt for the Lua's reference manual
  - doc/SPOE.txt for how to use the SPOE engine
  - doc/network-namespaces.txt for how to use network namespaces under Linux
  - doc/management.txt for the management guide
  - doc/regression-testing.txt for how to use the regression testing suite
  - doc/peers.txt for the peers protocol reference
  - doc/coding-style.txt for how to adopt HAProxy's coding style
  - doc/internals for developer-specific documentation (not all up to date)