From 3d1c334d4468dc57926e285eb8c8d263eff8acac Mon Sep 17 00:00:00 2001 From: Thierry Fournier Date: Sat, 1 Oct 2022 10:06:59 +0200 Subject: [PATCH] BUG/MINOR: config: insufficient syntax check of the global "maxconn" value The maxconn value is decoded using atol(), so values like "3k" are rightly converter as interger 3, while the user wants 3000. This patch fixes this behavior by reporting a parsing error. This patch could be backported on all maintained version, but it could break some configuration. The bug is really minor, I recommend to not backport, or backport a patch which only throws a warning in place of a fatal error. --- src/cfgparse-global.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/cfgparse-global.c b/src/cfgparse-global.c index cd96fb676..62de1013a 100644 --- a/src/cfgparse-global.c +++ b/src/cfgparse-global.c @@ -592,6 +592,8 @@ int cfg_parse_global(const char *file, int linenum, char **args, int kwm) goto out; } else if (strcmp(args[0], "maxconn") == 0) { + char *stop; + if (alertif_too_many_args(1, file, linenum, args, &err_code)) goto out; if (global.maxconn != 0) { @@ -604,7 +606,12 @@ int cfg_parse_global(const char *file, int linenum, char **args, int kwm) err_code |= ERR_ALERT | ERR_FATAL; goto out; } - global.maxconn = atol(args[1]); + global.maxconn = strtol(args[1], &stop, 10); + if (*stop != '\0') { + ha_alert("parsing [%s:%d] : cannot parse '%s' value '%s', an integer is expected.\n", file, linenum, args[0], args[1]); + err_code |= ERR_ALERT | ERR_FATAL; + goto out; + } #ifdef SYSTEM_MAXCONN if (global.maxconn > SYSTEM_MAXCONN && cfg_maxconn <= SYSTEM_MAXCONN) { ha_alert("parsing [%s:%d] : maxconn value %d too high for this system.\nLimiting to %d. Please use '-n' to force the value.\n", file, linenum, global.maxconn, SYSTEM_MAXCONN);