mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-22 06:11:32 +02:00
Code Issues Projects Releases Wiki Activity

[BUG] capture: do not capture a cookie if there is no memory left

Browse Source 
In case of out of memory, it was possible to write to a null pointer
when capturing response cookies due to a missing "else" block. The
request handling was fine though.
(cherry picked from commit 62e3604d7dd27741c0b4c9e27d9e7c73495dfc32)
This commit is contained in:
Willy Tarreau 2010-11-19 11:27:18 +01:00
parent e79c3b24fb
commit f70fc75296
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/proto_http.c
View File

@ -6766,11 +6766,12 @@ void manage_server_side_cookies(struct session *t, struct buffer *res)
if ((txn->srv_cookie = pool_alloc2(pool2_capture)) == NULL) {
Alert("HTTP logging : out of memory.\n");
}
if (log_len > t->fe->capture_len)
log_len = t->fe->capture_len;
memcpy(txn->srv_cookie, att_beg, log_len);
txn->srv_cookie[log_len] = 0;
else {
if (log_len > t->fe->capture_len)
log_len = t->fe->capture_len;
memcpy(txn->srv_cookie, att_beg, log_len);
txn->srv_cookie[log_len] = 0;
}
}
/* now check if we need to process it for persistence */