upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-04-15 21:59:41 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

[BUG] acl-related keywords are not allowed in defaults sections

Browse source 
Using an ACL-related keyword in the defaults section causes a
segfault during parsing because the list headers are not initialized.
We must initialize list headers for default instance and reject
keywords relying on ACLs.
(cherry picked from commit 1c90a6ec20)
(cherry picked from commit eb8131b4e418b838b2d62d991d91d94482ba49de)
This commit is contained in:
Willy Tarreau 2008-10-12 17:26:37 +02:00
parent da250db376
commit b099aca91a
1 changed files with 27 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
src/cfgparse.c
View file

@ -538,6 +538,13 @@ static void init_default_instance()
defproxy.maxconn = cfg_maxpconn;
defproxy.conn_retries = CONN_RETRIES;
defproxy.logfac1 = defproxy.logfac2 = -1; /* log disabled */
LIST_INIT(&defproxy.pendconns);
LIST_INIT(&defproxy.acl);
LIST_INIT(&defproxy.block_cond);
LIST_INIT(&defproxy.mon_fail_cond);
LIST_INIT(&defproxy.switching_rules);
proxy_reset_timeouts(&defproxy);
}
@ -864,6 +871,11 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int inv)
curproxy->state = PR_STNEW;
}
else if (!strcmp(args[0], "acl")) { /* add an ACL */
if (curproxy == &defproxy) {
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
return -1;
}
err = invalid_char(args[1]);
if (err) {
Alert("parsing [%s:%d] : character '%c' is not permitted in acl name '%s'.\n",
@ -1074,6 +1086,11 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int inv)
int pol = ACL_COND_NONE;
struct acl_cond *cond;
if (curproxy == &defproxy) {
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
return -1;
}
if (!strcmp(args[1], "if"))
pol = ACL_COND_IF;
else if (!strcmp(args[1], "unless"))
@ -1191,6 +1208,11 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int inv)
struct acl_cond *cond;
struct switching_rule *rule;
if (curproxy == &defproxy) {
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
return -1;
}
if (warnifnotcap(curproxy, PR_CAP_FE, file, linenum, args[0], NULL))
return 0;
@ -1496,6 +1518,11 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int inv)
}
}
else if (!strcmp(args[0], "monitor")) {
if (curproxy == &defproxy) {
Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
return -1;
}
if (warnifnotcap(curproxy, PR_CAP_FE, file, linenum, args[0], NULL))
return 0;