вт, 2 окт. 2018 г. в 7:06, Willy Tarreau <[email protected]>: > Hi Ilya, > > On Sat, Sep 15, 2018 at 12:55:07AM +0500, ???? ??????? wrote: > > hi, > > > > please find attached patch > > > > cheers, > > Ilya Shipitsin > > > From 7961bb27597cf529a88da475d3928d6223a88753 Mon Sep 17 00:00:00 2001 > > From: Ilya Shipitsin <[email protected]> > > Date: Sat, 15 Sep 2018 00:50:05 +0500 > > Subject: [PATCH] MINOR: src/connection.c: avoid null pointer dereference > > > > found by coverity > > --- > > src/connection.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/src/connection.c b/src/connection.c > > index b970d418..1e139ec2 100644 > > --- a/src/connection.c > > +++ b/src/connection.c > > @@ -1191,7 +1191,7 @@ int make_proxy_line_v2(char *buf, int buf_len, > struct server *srv, struct connec > > ret += make_tlv(&buf[ret], (buf_len - ret), > PP2_TYPE_CRC32C, sizeof(zero_crc32c), (const char *)&zero_crc32c); > > } > > > > - if (conn_get_alpn(remote, &value, &value_len)) { > > + if (remote && conn_get_alpn(remote, &value, &value_len)) { > > if ((buf_len - ret) < sizeof(struct tlv)) > > return 0; > > ret += make_tlv(&buf[ret], (buf_len - ret), PP2_TYPE_ALPN, > value_len, value); > > This one indeed looks valid. I looked at the other places there where > the remote connection is used and they're protected by ssl_sock_is_ssl(). > I think it's needed to add some comments above the function about the > fact that remote can be null in case of a check or an applet. I'll retag > the fix "BUG" as I'm pretty sure it could cause a crash with the > approppriate configuration. >
this one was found by automation, i.e. coverity. I see haproxy was added to coverity in 2015 and builds were not submitted since 2015. shall we send builds, for example monthly ? (there are several more null pointer dereferences, expect patches from me) > > Thanks, > Willy >
