mirror of
https://git.haproxy.org/git/haproxy.git/
synced 2025-09-27 00:31:22 +02:00
eaabf06031
To avoid any UAF when a resolution is released, a mechanism was added to abort a resolution and delayed the released at the end of the current execution path. This mechanism depends on an hard assumption: Any reference on an aborted resolution must be removed. So, when a resolution is aborted, it is removed from the resolver lists and inserted into a death row list. However, a resolution may still be referenced in the query_ids tree. It is the tree containing all resolutions with a pending request. Because aborted resolutions are released outside the resolvers lock, it is possible to release a resolution on a side while a query ansswer is received and processed on another one. Thus, it is still possible to have a UAF because of this bug. To fix the issue, when a resolution is aborted, it is removed from any list, but it is also removed from the query_ids tree. This patch should solve the issue #1862 and may be related to #1875. It must be backported as far as 2.2.
The HAProxy documentation has been split into a number of different files for ease of use. Please refer to the following files depending on what you're looking for : - INSTALL for instructions on how to build and install HAProxy - BRANCHES to understand the project's life cycle and what version to use - LICENSE for the project's license - CONTRIBUTING for the process to follow to submit contributions The more detailed documentation is located into the doc/ directory : - doc/intro.txt for a quick introduction on HAProxy - doc/configuration.txt for the configuration's reference manual - doc/lua.txt for the Lua's reference manual - doc/SPOE.txt for how to use the SPOE engine - doc/network-namespaces.txt for how to use network namespaces under Linux - doc/management.txt for the management guide - doc/regression-testing.txt for how to use the regression testing suite - doc/peers.txt for the peers protocol reference - doc/coding-style.txt for how to adopt HAProxy's coding style - doc/internals for developer-specific documentation (not all up to date)