On 19-04-2017 13:02, Pavlos Parissis wrote:
On 19/04/2017 12:13 PM, Willy Tarreau wrote:
Hi all,

Stephan (in Cc) reported to me two nice segfaults in the config parser when feeding haproxy with some horribly fuzzed invalid configurations. To make it clear, it happens only when haproxy *fails* to start due to an error. But it's not a reason for failing the dirty way. Every time it was a problem in smp_resolve_args() which is used to resolve acl args.

The root cause of the issue is that there are certain types of errors where it's very tricky to unroll what has been started (eg: add multiple keywords to a list then you have to remove them and exactly them, taking care not to free a shared memory area if at least one remains because this one will be freed later), etc.

The first bug was a use-after-free causing all sorts of random things like memory corruption or an infinite loop when trying to exit, which can be a problem for those aggregating configs from customers. The second one was a "more conventional" null dereference. I could fix both of them but I realized that the deeper reason is that we try to perform all the cross-reference checks after we've met such errors, which doesn't make sense and even causes some absurd errors to be reported. So I wrote the simple patch below for 1.8 and I think it would make sense to backport this into earlier versions to make everyone's life easier. It would also make the parser much more robust against such issues in the future.

Now the question is: this is not a bug fix but a small improvement which may have some impact on those being used to read error reports, so does anyone have any objection against this being backported (if so to regarding a specific version maybe)?



I also believe that it should be backported at least to 1.7 version[1].
It makes the output more clear and squeaks only the relevant bad config lines.

+1

Cheers,
Pavlos


[1] IMHO: Users of 1.5 version should upgrade to 1.7, I don't see
any valid reason to stay on 1.5. From my personal experience I can tell
that 1.7 version is a rock solid release.
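
The design point raised in the thread, stopping before the cross-reference pass once parsing has already failed, shown as an added example that is not part of the original messages and is not HAProxy code. The two-phase loader, its `load`/`parse_line`/`resolve` names and the `acl`/`use` config syntax are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Toy loader (hypothetical): phase 1 parses lines, phase 2 resolves references. */
struct node { char name[16]; int line; struct node *next; };
struct cfg { struct node *acls, *refs; int errors; };

static void push(struct node **head, const char *name, int line) {
    struct node *n = calloc(1, sizeof(*n));
    if (!n) abort();
    snprintf(n->name, sizeof(n->name), "%s", name);
    n->line = line; n->next = *head; *head = n;
}

static void free_list(struct node *n) {
    while (n) { struct node *next = n->next; free(n); n = next; }
}

/* Phase 1: a valid line is "acl <name> <pattern>" or "use <name>". */
static void parse_line(struct cfg *c, const char *l, int line) {
    char kw[16] = "", name[16] = "", pat[16] = "";
    int got = sscanf(l, "%15s %15s %15s", kw, name, pat);
    if (got == 3 && !strcmp(kw, "acl")) push(&c->acls, name, line);
    else if (got == 2 && !strcmp(kw, "use")) push(&c->refs, name, line);
    else { c->errors++; fprintf(stderr, "line %d: parse error\n", line); }
}

/* Phase 2: every "use" must name an acl that phase 1 accepted. */
static void resolve(struct cfg *c) {
    for (struct node *r = c->refs; r; r = r->next) {
        struct node *a = c->acls;
        while (a && strcmp(a->name, r->name)) a = a->next;
        if (!a) { c->errors++; fprintf(stderr, "line %d: unknown acl '%s'\n", r->line, r->name); }
    }
}

/* Returns the number of errors reported. With gate != 0, phase 2 is skipped
 * once phase 1 has failed, so it never runs over partially built state. */
int load(const char *const *lines, int n, int gate) {
    struct cfg c = {0};
    for (int i = 0; i < n; i++) parse_line(&c, lines[i], i + 1);
    if (!(gate && c.errors)) resolve(&c);
    free_list(c.acls); free_list(c.refs);
    return c.errors;
}

/* Constructed sample input: line 1 lacks its pattern, line 2 refers to it. */
const char *const bad_cfg[] = { "acl is_api", "use is_api" };
const char *const good_cfg[] = { "acl is_api /api", "use is_api" };
```

Without the gate, the broken `acl` line also produces a secondary "unknown acl" report for a name that is plainly present in the file; with the gate, only the real parse error is reported.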
