mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-21 22:01:31 +02:00
Code Issues Projects Releases Wiki Activity

BUG/MAJOR: namespaces: conn->target is not necessarily a server

Browse Source 
create_server_socket() used to dereference objt_server(conn->target),
but if the target is not a server (eg: a proxy) then it's NULL and we
get a segfault. This can be reproduced with a proxy using "dispatch"
with no server, even when namespaces are disabled, because that code
is not #ifdef'd. The fix consists in first checking if the target is
a server.

This fix does not need to be backported, this is 1.6-only.
This commit is contained in:
Willy Tarreau 2014-12-24 13:47:55 +01:00
parent 57767b8032
commit 529c13933b
1 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/proto_tcp.c
View File

@ -250,11 +250,16 @@ int tcp_bind_socket(int fd, int flags, struct sockaddr_storage *local, struct so
static int create_server_socket(struct connection *conn)
{
const struct netns_entry *ns = objt_server(conn->target)->netns;
if (objt_server(conn->target)->flags & SRV_F_USE_NS_FROM_PP)
ns = conn->proxy_netns;
const struct netns_entry *ns = NULL;
#ifdef CONFIG_HAP_NS
if (objt_server(conn->target)) {
if (__objt_server(conn->target)->flags & SRV_F_USE_NS_FROM_PP)
ns = conn->proxy_netns;
else
ns = __objt_server(conn->target)->netns;
}
#endif
return my_socketat(ns, conn->addr.to.ss_family, SOCK_STREAM, IPPROTO_TCP);
}