From 471ea5fbe99e9c4c71be510cb1a77b628c549cb0 Mon Sep 17 00:00:00 2001
From: Willy Tarreau <w@1wt.eu>
Date: Sun, 12 Oct 2008 17:26:37 +0200
Subject: [PATCH] [BUG] acl-related keywords are not allowed in defaults
 sections

Using an ACL-related keyword in the defaults section causes a
segfault during parsing because the list headers are not initialized.
We must initialize list headers for default instance and reject
keywords relying on ACLs.
---
 src/cfgparse.c | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/src/cfgparse.c b/src/cfgparse.c
index 5c525bf33..72b10278d 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -516,6 +516,13 @@ static void init_default_instance()
 	defproxy.maxconn = cfg_maxpconn;
 	defproxy.conn_retries = CONN_RETRIES;
 	defproxy.logfac1 = defproxy.logfac2 = -1; /* log disabled */
+
+	LIST_INIT(&defproxy.pendconns);
+	LIST_INIT(&defproxy.acl);
+	LIST_INIT(&defproxy.block_cond);
+	LIST_INIT(&defproxy.mon_fail_cond);
+	LIST_INIT(&defproxy.switching_rules);
+
 	tv_eternity(&defproxy.timeout.client);
 	tv_eternity(&defproxy.timeout.connect);
 	tv_eternity(&defproxy.timeout.server);
@@ -796,6 +803,11 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int inv)
 		curproxy->state = PR_STNEW;
 	}
 	else if (!strcmp(args[0], "acl")) {  /* add an ACL */
+		if (curproxy == &defproxy) {
+			Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
+			return -1;
+		}
+
 		err = invalid_char(args[1]);
 		if (err) {
 			Alert("parsing [%s:%d] : character '%c' is not permitted in acl name '%s'.\n",
@@ -1035,6 +1047,11 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int inv)
 		int pol = ACL_COND_NONE;
 		struct acl_cond *cond;
 
+		if (curproxy == &defproxy) {
+			Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
+			return -1;
+		}
+
 		if (!strcmp(args[1], "if"))
 			pol = ACL_COND_IF;
 		else if (!strcmp(args[1], "unless"))
@@ -1058,6 +1075,11 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int inv)
 		struct acl_cond *cond;
 		struct switching_rule *rule;
 
+		if (curproxy == &defproxy) {
+			Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
+			return -1;
+		}
+
 		if (warnifnotcap(curproxy, PR_CAP_FE, file, linenum, args[0], NULL))
 			return 0;
 
@@ -1335,6 +1357,11 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int inv)
 		}
 	}
 	else if (!strcmp(args[0], "monitor")) {
+		if (curproxy == &defproxy) {
+			Alert("parsing [%s:%d] : '%s' not allowed in 'defaults' section.\n", file, linenum, args[0]);
+			return -1;
+		}
+
 		if (warnifnotcap(curproxy, PR_CAP_FE, file, linenum, args[0], NULL))
 			return 0;