From 6cd93f52e974aca4dac7aa2756c4e17659ae5354 Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Thu, 20 Jan 2022 08:31:50 +0100 Subject: [PATCH] BUG/MEDIUM: mcli: do not try to parse empty buffers When pcli_parse_request() is called with an empty buffer, it still tries to parse it and can go on believing it finds an empty request if the last char before the beginning of the buffer is a '\n'. In this case it overwrites it with a zero and processes it as an empty command, doing nothing but not making the buffer progress. This results in an infinite loop that is stopped by the watchdog. For a reason related to another issue (yet to be fixed), this can easily be reproduced by pipelining lots of commands such as "show version". Let's add a length check after the search for a '\n'. This needs to be backported as far as 2.0. --- src/cli.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/cli.c b/src/cli.c index ec164aebd..3744ac3ac 100644 --- a/src/cli.c +++ b/src/cli.c @@ -2324,7 +2324,7 @@ int pcli_parse_request(struct stream *s, struct channel *req, char **errmsg, int end = p + reql; /* there is no end to this command, need more to parse ! */ - if (*(end-1) != '\n') { + if (!reql || *(end-1) != '\n') { return -1; }
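Review bot: The comment above the changed condition in pcli_parse_request() still reads "there is no end to this command, need more to parse !" and says nothing about the empty-buffer case that the new "!reql" test guards. With reql == 0, end equals p, so the old test "*(end-1) != '\n'" read the byte just before the start of the buffer. The length test has to stay first in the condition so that the dereference is short-circuited. A one-line comment stating this would keep a later cleanup from reordering or dropping the check. If reql can be negative at this point (its type is not visible in the hunk), "reql <= 0" would cover that case as well.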