mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-23 14:51:27 +02:00
Code Issues Projects Releases Wiki Activity

BUG/MINOR: http: abort request processing on filter failure

Browse Source 
Commit c600204 ("BUG/MEDIUM: regex: fix risk of buffer overrun in
exp_replace()") added a control of failure on the response headers,
but forgot to check for the error during request processing. So if
the filters fail to apply, we could keep the request. It might
cause some headers to silently fail to be added for example. Note
that it's tagged MINOR because a standard configuration cannot make
this case happen.

The fix should be backported to 1.5 and 1.4 though.
This commit is contained in:
Willy Tarreau 2015-01-30 20:58:58 +01:00
parent 32602d2361
commit 34d4c3c13f
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/proto_http.c
View File

@ -7092,7 +7092,8 @@ int apply_filters_to_request(struct session *s, struct channel *req, struct prox
/* The filter did not match the request, it can be
* iterated through all headers.
*/
apply_filter_to_req_headers(s, req, exp);
if (unlikely(apply_filter_to_req_headers(s, req, exp) < 0))
return -1;
}
}
return 0;