RE: [PATCH] Memory corruption building Proxy Protocol V2 header

2014-07-18 Thread Lukas Tribus
Hi Willy, hi Dave, Hi Dave, On Thu, Jul 17, 2014 at 02:34:01PM -0400, Dave McCowan wrote: Here is the corrected (and retested) :-) patch. Commit comment: Use temporary trash chunk, instead of global trash chunk in make_proxy_line_v2() to avoid memory overwrite. Thank you, I've just

Re: [PATCH] Memory corruption building Proxy Protocol V2 header

2014-07-18 Thread Willy Tarreau
Hi Lukas, On Fri, Jul 18, 2014 at 08:30:23PM +0200, Lukas Tribus wrote: FYI when compiling current haproxy-1.5 with openssl, compiler warns: src/connection.c: In function ?make_proxy_line_v2?: src/connection.c:687:5: warning: passing argument 2 of ?ssl_sock_get_remote_common_name? from

Re: [PATCH] Memory corruption building Proxy Protocol V2 header

2014-07-17 Thread Willy Tarreau
On Wed, Jul 16, 2014 at 11:50:30PM -0400, Dave McCowan wrote: Hi Willy, blush Yes, I changed my variable names after testing to clean up and failed. Is my obvious corrected patch the correct fix? Yes I think so. Or should we clamp down on the use of global chunks being passed downstream?

Re: [PATCH] Memory corruption building Proxy Protocol V2 header

2014-07-17 Thread Dave McCowan
Here is the corrected (and retested) :-) patch. Commit comment: Use temporary trash chunk, instead of global trash chunk in make_proxy_line_v2() to avoid memory overwrite. --Dave On Thu, Jul 17, 2014 at 4:17 AM, Willy Tarreau w...@1wt.eu wrote: On Wed, Jul 16, 2014 at 11:50:30PM -0400, Dave

Re: [PATCH] Memory corruption building Proxy Protocol V2 header

2014-07-17 Thread Willy Tarreau
Hi Dave, On Thu, Jul 17, 2014 at 02:34:01PM -0400, Dave McCowan wrote: Here is the corrected (and retested) :-) patch. Commit comment: Use temporary trash chunk, instead of global trash chunk in make_proxy_line_v2() to avoid memory overwrite. Thank you, I've just applied it now. Best

[PATCH] Memory corruption building Proxy Protocol V2 header

2014-07-16 Thread Dave McCowan
Hi Willy, Emeric-- A commit on 6/24 changed the way ssl_sock_get_remote_common_name() works. I agree with this refactoring, unfortunately both make_proxy_line_v2() and the caller of make_proxy_line_v2() are using the global trash chunk as a workspace resulting in a memory overwrite.

Re: [PATCH] Memory corruption building Proxy Protocol V2 header

2014-07-16 Thread Willy Tarreau
Hi Dave, On Wed, Jul 16, 2014 at 02:16:52PM -0400, Dave McCowan wrote: Hi Willy, Emeric-- A commit on 6/24 changed the way ssl_sock_get_remote_common_name() works. I agree with this refactoring, unfortunately both make_proxy_line_v2() and the caller of make_proxy_line_v2() are using

Re: [PATCH] Memory corruption building Proxy Protocol V2 header

2014-07-16 Thread Dave McCowan
Hi Willy, blush Yes, I changed my variable names after testing to clean up and failed. Is my obvious corrected patch the correct fix? Or should we clamp down on the use of global chunks being passed downstream? --Dave On Wed, Jul 16, 2014 at 4:16 PM, Willy Tarreau w...@1wt.eu wrote: Hi