mirror of
https://git.haproxy.org/git/haproxy.git/
synced 2025-09-29 09:41:21 +02:00
177aed56dc
In order to better detect the danger caused by extra shared libraries which replace some symbols, upon dlopen() we now compare a few critical symbols such as malloc(), free(), and some OpenSSL symbols, to see if the loaded library comes with its own version. If this happens, a warning is emitted and TAINTED_REDEFINITION is set. This is important because some external libs might be linked against different libraries than the ones haproxy was linked with, and most often this will end very badly (e.g. an OpenSSL object is allocated by haproxy and freed by such libs). Since the main source of dlopen() calls is the Lua lib, via a "require" statement, it's worth trying to show a Lua call trace when detecting a symbol redefinition during dlopen(). As such we emit a Lua backtrace if Lua is detected as being in use.