mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2026-05-04 20:46:11 +02:00
Code Issues Projects Releases Wiki Activity

MINOR: cli: Ensure the CLI always outputs an error when it should

Browse Source 
When using the CLI_ST_PRINT_FREE state, always output something back
if the faulty function did not fill the 'err' variable.
The map/acl code could lead to a crash whereas the SSL code was silently
failing.

Signed-off-by: Aurlien Nephtali <aurelien.nephtali@corp.ovh.com>
This commit is contained in:
Aurlien Nephtali 2018-04-16 19:02:42 +02:00 committed by Willy Tarreau
parent c511b7cc97
commit 9a4da683a6
2 changed files with 33 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
src/map.c
View File

@ -723,15 +723,21 @@ static int cli_parse_set_map(char **args, struct appctx *appctx, void *private)
return 1;
}
/* Try to delete the entry. */
/* Try to modify the entry. */
err = NULL;
HA_SPIN_LOCK(PATREF_LOCK, &appctx->ctx.map.ref->lock);
if (!pat_ref_set_by_id(appctx->ctx.map.ref, ref, args[4], &err)) {
HA_SPIN_UNLOCK(PATREF_LOCK, &appctx->ctx.map.ref->lock);
if (err)
if (err) {
memprintf(&err, "%s.\n", err);
appctx->ctx.cli.err = err;
appctx->st0 = CLI_ST_PRINT_FREE;
appctx->ctx.cli.err = err;
appctx->st0 = CLI_ST_PRINT_FREE;
}
else {
appctx->ctx.cli.severity = LOG_ERR;
appctx->ctx.cli.msg = "Failed to update an entry.\n";
appctx->st0 = CLI_ST_PRINT;
}
return 1;
}
HA_SPIN_UNLOCK(PATREF_LOCK, &appctx->ctx.map.ref->lock);
@ -744,10 +750,16 @@ static int cli_parse_set_map(char **args, struct appctx *appctx, void *private)
HA_SPIN_LOCK(PATREF_LOCK, &appctx->ctx.map.ref->lock);
if (!pat_ref_set(appctx->ctx.map.ref, args[3], args[4], &err)) {
HA_SPIN_UNLOCK(PATREF_LOCK, &appctx->ctx.map.ref->lock);
if (err)
if (err) {
memprintf(&err, "%s.\n", err);
appctx->ctx.cli.err = err;
appctx->st0 = CLI_ST_PRINT_FREE;
appctx->ctx.cli.err = err;
appctx->st0 = CLI_ST_PRINT_FREE;
}
else {
appctx->ctx.cli.severity = LOG_ERR;
appctx->ctx.cli.msg = "Failed to update an entry.\n";
appctx->st0 = CLI_ST_PRINT;
}
return 1;
}
HA_SPIN_UNLOCK(PATREF_LOCK, &appctx->ctx.map.ref->lock);
@ -829,10 +841,16 @@ static int cli_parse_add_map(char **args, struct appctx *appctx, void *private)
ret = pat_ref_add(appctx->ctx.map.ref, args[3], NULL, &err);
HA_SPIN_UNLOCK(PATREF_LOCK, &appctx->ctx.map.ref->lock);
if (!ret) {
if (err)
if (err) {
memprintf(&err, "%s.\n", err);
appctx->ctx.cli.err = err;
appctx->st0 = CLI_ST_PRINT_FREE;
appctx->ctx.cli.err = err;
appctx->st0 = CLI_ST_PRINT_FREE;
}
else {
appctx->ctx.cli.severity = LOG_ERR;
appctx->ctx.cli.msg = "Failed to add an entry.\n";
appctx->st0 = CLI_ST_PRINT;
}
return 1;
}

5
src/ssl_sock.c
View File

@ -8588,6 +8588,11 @@ static int cli_parse_set_ocspresponse(char **args, struct appctx *appctx, void *
appctx->ctx.cli.err = err;
appctx->st0 = CLI_ST_PRINT_FREE;
}
else {
appctx->ctx.cli.severity = LOG_ERR;
appctx->ctx.cli.msg = "Failed to update OCSP response.\n";
appctx->st0 = CLI_ST_PRINT;
}
return 1;
}
appctx->ctx.cli.severity = LOG_INFO;