mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-20 13:21:29 +02:00
Code Issues Projects Releases Wiki Activity

BUG/MINOR: mux-quic: trace with non initialized qcc

Browse Source 
This issue leads to crashes when the QUIC mux traces are enabled and could be
reproduced with -dMfail. When the qcc allocation fails (qcc_init()) haproxy
crashes into qmux_dump_qcc_info() because ->conn qcc member is initialized:

Program terminated with signal SIGSEGV, Segmentation fault.
    at src/qmux_trace.c:146
146             const struct quic_conn *qc = qcc->conn->handle.qc;
[Current thread is 1 (LWP 1448960)]
(gdb) p qcc
$1 = (const struct qcc *) 0x7f9c63719fa0
(gdb) p qcc->conn
$2 = (struct connection *) 0x155550508
(gdb)

This patch simply fixes the TRACE() call concerned to avoid <qcc> object
dereferencing when it is NULL.

Must be backported as far as 3.0.
This commit is contained in:
Frederic Lecaille 2025-08-28 07:58:00 +02:00
parent 31c17ad837
commit ffa926ead3
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/mux_quic.c
View File

@ -3706,7 +3706,7 @@ static int qmux_init(struct connection *conn, struct proxy *prx,
conn->ctx = NULL; conn->ctx = NULL;
} }
TRACE_DEVEL("leaving on error", QMUX_EV_QCC_NEW, conn); TRACE_DEVEL("leaving on error", QMUX_EV_QCC_NEW, qcc ? conn : NULL);
return -1; return -1;
} }