mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-24 23:31:40 +02:00
Code Issues Projects Releases Wiki Activity

BUG/MEDIUM: lb_fwlc: Don't test the server's lb_tree from outside the lock

Browse Source 
In the function fwlc_srv_reposition(), the server's lb_tree is tested from
outside the lock. So it is possible to remove it after the test and then call
eb32_insert() in fwlc_queue_srv() with a NULL root pointer, which is
invalid. Moving the test in the scope of the lock fixes the bug.

This issue was reported on Github, issue #126.

This patch must be backported to 2.0, 1.9 and 1.8.
This commit is contained in:
Christopher Faulet 2019-06-19 10:50:38 +02:00
parent 4f09ec812a
commit 1ae2a88781
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/lb_fwlc.c
View File

@ -66,12 +66,11 @@ static inline void fwlc_queue_srv(struct server *s)
*/
static void fwlc_srv_reposition(struct server *s)
{
if (!s->lb_tree)
return;
HA_SPIN_LOCK(LBPRM_LOCK, &s->proxy->lbprm.lock);
fwlc_dequeue_srv(s);
fwlc_queue_srv(s);
if (s->lb_tree) {
fwlc_dequeue_srv(s);
fwlc_queue_srv(s);
}
HA_SPIN_UNLOCK(LBPRM_LOCK, &s->proxy->lbprm.lock);
}