SHA256
1
0
forked from pool/haproxy
haproxy/0017-BUG-MINOR-config-don-t-propagate-process-binding-on-.patch

47 lines
1.6 KiB
Diff

From b3228c83e320ad168f5b3e6884e771530a68a449 Mon Sep 17 00:00:00 2001
From: Willy Tarreau <w@1wt.eu>
Date: Wed, 1 Oct 2014 20:50:17 +0200
Subject: [PATCH 17/20] BUG/MINOR: config: don't propagate process binding on
fatal errors.
propagate_processes() must not be called with unresolved proxies, but
nothing prevents it from being called in check_config_validity(). The
resulting effect is that an unresolved proxy can cause a recursion
loop if called in such a situation, ending with a segfault after the
fatal error report. There's no side effect beyond this.
This patch refrains from calling the function when any error was met.
This bug also affects 1.5, it should be backported.
(cherry picked from commit acbe8ab38a638a076f8cf9fe2635db0e729d6a1f)
---
src/cfgparse.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/src/cfgparse.c b/src/cfgparse.c
index f723a3a..6e962c8 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -7112,10 +7112,14 @@ out_uri_auth_compat:
global.stats_fe->bind_proc = ~0UL;
}
- /* propagate bindings from frontends to backends */
- for (curproxy = proxy; curproxy; curproxy = curproxy->next) {
- if (curproxy->cap & PR_CAP_FE)
- propagate_processes(curproxy, NULL);
+ /* propagate bindings from frontends to backends. Don't do it if there
+ * are any fatal errors as we must not call it with unresolved proxies.
+ */
+ if (!cfgerr) {
+ for (curproxy = proxy; curproxy; curproxy = curproxy->next) {
+ if (curproxy->cap & PR_CAP_FE)
+ propagate_processes(curproxy, NULL);
+ }
}
/* Bind each unbound backend to all processes when not specified. */
--
1.8.4.5