From a7777bbf79352e6670eab0b6afbebded6fbc6bdb Mon Sep 17 00:00:00 2001
From: Christopher Faulet <cfaulet@haproxy.com>
Date: Tue, 5 Dec 2023 09:21:38 +0100
Subject: [PATCH] BUG/MEDIUM: peers: fix partial message decoding

peer_recv_msg() may return because the message is incomplete without
checking if a shutdown is pending for the SC. The function relies on
co_getblk() to detect shutdowns. However, the message length decoding may be
interrupted if the multi-bytes integer is incomplete. In this case, the SC
is not check for shutdowns.

When this happens, this leads to an appctx spinning loop.

This patch should fix the issue #2373. It must be backported to 2.8.
---
 src/peers.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/peers.c b/src/peers.c
index 23affa127..5eefd1830 100644
--- a/src/peers.c
+++ b/src/peers.c
@@ -2455,7 +2455,7 @@ static inline int peer_recv_msg(struct appctx *appctx, char *msg_head, size_t ms
 	return 1;
 
  incomplete:
-	if (reql < 0) {
+	if (reql < 0 || (sc->flags & (SC_FL_SHUT_DONE|SC_FL_SHUT_WANTED))) {
 		/* there was an error or the message was truncated */
 		appctx->st0 = PEER_SESS_ST_END;
 		return -1;