|
commit ed3951cf6d9c7846fc780042fdddc194dda47c8d
|
|
Author: Ricardo Nabinger Sanchez <rnsanchez@taghos.com.br>
|
|
Date: Thu Mar 28 21:42:23 2019 -0300
|
|
|
|
BUG/MAJOR: checks: segfault during tcpcheck_main
|
|
|
|
When using TCP health checks (tcp-check connect), it is possible to
|
|
crash with a segfault when, for reasons yet to be understood, the
|
|
protocol family is unknown.
|
|
|
|
In the function tcpcheck_main(), proto is dereferenced without a prior
|
|
test in case it is NULL, leading to the segfault during proto->connect
|
|
dereference.
|
|
|
|
The line has been unmodified since it was introduced, in commit
|
|
69e273f3fcfbfb9cc0fb5a09668faad66cfbd36b. This was the only use of
|
|
proto (or more specifically, the return of protocol_by_family()) that
|
|
was unprotected; all other callsites perform the test for a NULL
|
|
pointer.
|
|
|
|
This patch should be backported to 1.9, 1.8, 1.7, and 1.6.
|
|
|
|
(cherry picked from commit 4bccea98912c74fa42c665ec25e417c2cca4eee7)
|
|
Signed-off-by: Willy Tarreau <w@1wt.eu>
|
|
(cherry picked from commit 2cefb36087f240b66b2aa4824a317ef5f9b85e68)
|
|
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
|
|
|
|
diff --git a/src/checks.c b/src/checks.c
|
|
index e04f1146..fdebf931 100644
|
|
--- a/src/checks.c
|
|
+++ b/src/checks.c
|
|
@@ -2771,7 +2771,7 @@ static int tcpcheck_main(struct check *check)
|
|
conn_install_mux(conn, &mux_pt_ops, cs);
|
|
|
|
ret = SF_ERR_INTERNAL;
|
|
- if (proto->connect)
|
|
+ if (proto && proto->connect)
|
|
ret = proto->connect(conn,
|
|
1 /* I/O polling is always needed */,
|
|
(next && next->action == TCPCHK_ACT_EXPECT) ? 0 : 2);
|