From 6296a11ea416d6360226c27241713c0f6dc0a2ae Mon Sep 17 00:00:00 2001
From: Willy Tarreau <w@1wt.eu>
Date: Tue, 12 May 2015 11:57:07 +0200
Subject: [PATCH] BUG/MAJOR: check: fix breakage of inverted tcp-check rules

Recent commit 22b09d2 ("MINOR: include comment in tcpcheck error log")
accidently left a double-step to the next rule in case of an inverted
rule. The effect is that an inverted rule is necessarily skipped and
that we can crash if it was the last rule since we'd use as a rule the
head of the list, thus dereference random memory contents.

No backport is needed.
---
 src/checks.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/src/checks.c b/src/checks.c
index 26cccae76..249df276c 100644
--- a/src/checks.c
+++ b/src/checks.c
@@ -2820,8 +2820,6 @@ static void tcpcheck_main(struct connection *conn)
 
 					check->current_step = cur;
 
-					cur = (struct tcpcheck_rule*)cur->list.n;
-					check->current_step = cur;
 					if (check->current_step->action == TCPCHK_ACT_EXPECT)
 						goto tcpcheck_expect;
 					__conn_data_stop_recv(conn);