From 3e2d1476e65ed45a38ed153ad2357d60755be8e9 Mon Sep 17 00:00:00 2001
From: Christopher Faulet
Date: Fri, 5 Jul 2024 12:03:41 +0200
Subject: [PATCH] BUG/MEDIUM: peers: Fix crash when syncing learn state of a peer without appctx

For a given peer, the synchronization of the learn state is no longer performed in the peer appctx. It is delayed to be handled by the peers sync task. It means that for a given peer, it is possible to have finished to learn and only handle it after the appctx release. So the synchronization may happen on a peer without appctx. This was not tested and an unconditionnal wakeup on the appctx could lead to a crash because of a NULL-deref. It may be experienced by running reg-tests/peers/tls_basic_sync.vtc script in loop. The fix is obivous. In sync_peer_learn_state(), we must omit to wakeup the appctx if it was already released. This patch should fix issue #2629. It must be backported to 3.0.
---
 src/peers.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/peers.c b/src/peers.c
index 4ec981cad..96f6de9a0 100644
--- a/src/peers.c
+++ b/src/peers.c
@@ -3341,7 +3341,8 @@ static void sync_peer_learn_state(struct peers *peers, struct peer *peer)
 HA_ATOMIC_AND(&peers->flags, ~PEERS_F_RESYNC_ASSIGN);
 HA_ATOMIC_OR(&peers->flags, flags);
 
-appctx_wakeup(peer->appctx);
+if (peer->appctx)
+appctx_wakeup(peer->appctx);
 }
 
 /* Synchronise the peer applet state with its associated peers section. This
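Review bot: The added NULL test on `peer->appctx` closes the crash only if the read and the subsequent `appctx_wakeup()` are serialized against the appctx release path by the same lock; if the sync task can observe a non-NULL pointer while the applet is being freed on another thread, the window between the check and the wakeup is still a use-after-free, so the locking precondition should be stated rather than assumed. I would add a comment above the new `if`: `/* The learn state is now synced by the peers task, so the peer's appctx may already be gone; the caller must hold the peer lock so this test cannot race with the applet release. */`. It would also help to note in the same comment what happens to the pending resync when the wakeup is skipped (presumably handled on the next session), since the flags on `peers->flags` have already been set at that point. The body of sync_peer_learn_state() starts outside the hunk, so the lock state at entry cannot be confirmed from what is shown.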