mirror of
https://git.haproxy.org/git/haproxy.git/
synced 2025-09-22 14:21:25 +02:00
23b2945c1c
Since commit 3d08236cb344607557f22e00cf1cc3e321a1fa95 HAProxy can be trivially crashed remotely by sending an `accept-encoding` HTTP request header that contains 16 commas. This is because the `values` array in `accept_encoding_normalizer` accepts only 16 entries and it is not verified whether the end is reached during looping. Fix this issue by checking the length. This patch also simplifies the ist processing in the loop, because it manually calculated offsets and lengths, when the ist API exposes perfectly safe functions to advance and truncate ists. I wonder whether the accept_encoding_normalizer function is able to re-use some existing function for parsing headers that may contain lists of values. I'll leave this evaluation up to someone else, only patching the obvious crash. This commit is 2.4-dev specific and was merged just a few hours ago. No backport needed.
The HAProxy documentation has been split into a number of different files for ease of use. Please refer to the following files depending on what you're looking for : - INSTALL for instructions on how to build and install HAProxy - BRANCHES to understand the project's life cycle and what version to use - LICENSE for the project's license - CONTRIBUTING for the process to follow to submit contributions The more detailed documentation is located into the doc/ directory : - doc/intro.txt for a quick introduction on HAProxy - doc/configuration.txt for the configuration's reference manual - doc/lua.txt for the Lua's reference manual - doc/SPOE.txt for how to use the SPOE engine - doc/network-namespaces.txt for how to use network namespaces under Linux - doc/management.txt for the management guide - doc/regression-testing.txt for how to use the regression testing suite - doc/peers.txt for the peers protocol reference - doc/coding-style.txt for how to adopt HAProxy's coding style - doc/internals for developer-specific documentation (not all up to date)