mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-08-10 00:57:02 +02:00
Code Issues Projects Releases Wiki Activity

MINOR: connection: Transform safety check in PROXYv2 parsing into BUG_ON()

Browse Source 
With BUG_ON() being enabled by default it is more useful to use a BUG_ON()
instead of an effectively never-taken if, as any incorrect assumptions will
become much more visible.

see 488ee7fb6 ("BUG/MAJOR: proxy_protocol: Properly validate TLV lengths")
This commit is contained in:
Tim Duesterhus 2022-02-25 21:44:27 +01:00 committed by Willy Tarreau
parent f09af57df5
commit 17e6b737d7
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/connection.c
View File

@ -1098,12 +1098,11 @@ int conn_recv_proxy(struct connection *conn, int flag)
} }
/* Verify that the PROXYv2 header ends at a TLV boundary. /* Verify that the PROXYv2 header ends at a TLV boundary.
* This is technically unreachable, because the TLV parsing already * This is can not be true, because the TLV parsing already
* verifies that a TLV does not exceed the total length and also * verifies that a TLV does not exceed the total length and
* that there is space for a TLV header. * also that there is space for a TLV header.
*/ */
if (tlv_offset != total_v2_len) BUG_ON(tlv_offset != total_v2_len);
goto bad_header;
/* unsupported protocol, keep local connection address */ /* unsupported protocol, keep local connection address */
break; break;