|
|
- commit ed3951cf6d9c7846fc780042fdddc194dda47c8d
- Author: Ricardo Nabinger Sanchez <rnsanchez@taghos.com.br>
- Date: Thu Mar 28 21:42:23 2019 -0300
-
- BUG/MAJOR: checks: segfault during tcpcheck_main
-
- When using TCP health checks (tcp-check connect), it is possible to
- crash with a segfault when, for reasons yet to be understood, the
- protocol family is unknown.
-
- In the function tcpcheck_main(), proto is dereferenced without a prior
- test in case it is NULL, leading to the segfault during proto->connect
- dereference.
-
- The line has been unmodified since it was introduced, in commit
- 69e273f3fcfbfb9cc0fb5a09668faad66cfbd36b. This was the only use of
- proto (or more specifically, the return of protocol_by_family()) that
- was unprotected; all other callsites perform the test for a NULL
- pointer.
-
- This patch should be backported to 1.9, 1.8, 1.7, and 1.6.
-
- (cherry picked from commit 4bccea98912c74fa42c665ec25e417c2cca4eee7)
- Signed-off-by: Willy Tarreau <w@1wt.eu>
- (cherry picked from commit 2cefb36087f240b66b2aa4824a317ef5f9b85e68)
- Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
-
- diff --git a/src/checks.c b/src/checks.c
- index e04f1146..fdebf931 100644
- --- a/src/checks.c
- +++ b/src/checks.c
- @@ -2771,7 +2771,7 @@ static int tcpcheck_main(struct check *check)
- conn_install_mux(conn, &mux_pt_ops, cs);
-
- ret = SF_ERR_INTERNAL;
- - if (proto->connect)
- + if (proto && proto->connect)
- ret = proto->connect(conn,
- 1 /* I/O polling is always needed */,
- (next && next->action == TCPCHK_ACT_EXPECT) ? 0 : 2);
|