Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
packages/net/haproxy/patches/0014-BUG-MEDIUM-cfgparse-segfault-when-userlist-is-misuse.patch
heil d5c18252d4 haproxy: add patches from upstream 
- [PATCH 1/2] BUG/MEDIUM: stats: properly initialize the scope before
 - [PATCH 2/2] BUG/MEDIUM: http: don't forward client shutdown without
 - [PATCH 3/8] BUG/MINOR: check: fix tcpcheck error message
 - [PATCH 4/8] CLEANUP: checks: fix double usage of cur / current_step
 - [PATCH 5/8] BUG/MEDIUM: checks: do not dereference head of a
 - [PATCH 6/8] CLEANUP: checks: simplify the loop processing of
 - [PATCH 7/8] BUG/MAJOR: checks: always check for end of list before
 - [PATCH 8/8] BUG/MEDIUM: checks: do not dereference a list as a
 - [PATCH 09/10] BUG/MEDIUM: peers: apply a random reconnection timeout
 - [PATCH 10/10] DOC: Update doc about weight, act and bck fields in the
 - [PATCH 11/14] MINOR: ssl: add a destructor to free allocated SSL
 - [PATCH 12/14] BUG/MEDIUM: ssl: fix tune.ssl.default-dh-param value
 - [PATCH 13/14] BUG/MINOR: cfgparse: fix typo in 'option httplog' error
 - [PATCH 14/14] BUG/MEDIUM: cfgparse: segfault when userlist is misused

Signed-off-by: heil <heil@terminal-consulting.de>
2015-06-11 19:03:14 +02:00

41 lines
1.3 KiB
Diff
Raw Blame History

From faf3315f77c527e6e1d027deb7e853cdf6af5858 Mon Sep 17 00:00:00 2001
From: William Lallemand <wlallemand@haproxy.com>
Date: Thu, 28 May 2015 18:03:51 +0200
Subject: [PATCH 14/14] BUG/MEDIUM: cfgparse: segfault when userlist is misused
If the 'userlist' keyword parsing returns an error and no userlist were
previously created. The parsing of 'user' and 'group' leads to NULL
derefence.
The userlist pointer is now tested to prevent this issue.
(cherry picked from commit 4ac9f546120d42be8147e3d90588e7b9738af0cc)
---
src/cfgparse.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/cfgparse.c b/src/cfgparse.c
index 3c3383d..392a78d 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -5668,6 +5668,9 @@ cfg_parse_users(const char *file, int linenum, char **args, int kwm)
goto out;
}
+ if (!userlist)
+ goto out;
+
for (ag = userlist->groups; ag; ag = ag->next)
if (!strcmp(ag->name, args[1])) {
Warning("parsing [%s:%d]: ignoring duplicated group '%s' in userlist '%s'.\n",
@@ -5718,6 +5721,8 @@ cfg_parse_users(const char *file, int linenum, char **args, int kwm)
err_code |= ERR_ALERT | ERR_FATAL;
goto out;
}
+ if (!userlist)
+ goto out;
for (newuser = userlist->users; newuser; newuser = newuser->next)
if (!strcmp(newuser->user, args[1])) {
--
2.0.5
Reference in a new issue View git blame Copy permalink