From 2a164ee54906d8f76aa224da0183148cace65bc7 Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Fri, 18 Jun 2010 09:57:45 +0200 Subject: [PATCH] [BUG] stick_table: the fix for the memory leak caused a regression MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit (cherry picked from commit 61ba936e6858dfcf9964d25870726621d8188fb9) [ note: the bug was finally not present in 1.5-dev but at least we have to reset store_count to be compatible with 1.4 ] Commit d6e9e3b5e320b957e6c491bd92d91afad30ba638 caused recently created entries to be removed as soon as they were created, breaking stickiness. It is not clear whether a use-after-free was possible or not in this case. This bug was reported by Ben Congleton and narrowed down by Hervé Commowick, both of whom also tested the fix. Thanks to them ! --- src/session.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/session.c b/src/session.c index 262f48629..7c1e4761d 100644 --- a/src/session.c +++ b/src/session.c @@ -1068,6 +1068,7 @@ int process_store_rules(struct session *s, struct buffer *rep, int an_bit) ptr = stktable_data_ptr(s->store[i].table, ts, STKTABLE_DT_SERVER_ID); stktable_data_cast(ptr, server_id) = s->srv->puid; } + s->store_count = 0; /* everything is stored */ rep->analysers &= ~an_bit; rep->analyse_exp = TICK_ETERNITY;