Willy,
Thayne,
find the patch below.
I am adding Thayne as CC as it was your commit that uncovered the issue and the
crash happened in a function you wrote. Maybe you might want to add some
additional checks somewhere?
Best regards
Tim Düsterhus
Apply with `git am --scissors` to automatically cut the commit message.
-- >8 --
GitHub Issue #1026 reported a crash during configuration check for the
following example config:
backend 0
server 0 0
server 0 0
HAProxy crashed in srv_set_addr_desc() due to a NULL pointer dereference caused
by `sa2str` returning NULL for an `AF_UNSPEC` address (`0`).
Fix this issue by erroring out early if the parsed address results in an
`AF_UNSPEC` family.
The crash was introduced in commit 92149f9a82a9b55c598f1cc815bc330c555f3561,
which is unreleased as of now. However such a configuration most likely is a
mistake even in earlier versions of HAProxy. Thus this patch may be backported
in order to improve debuggability for administrators. I suggest 2.2+.
---
src/server.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/server.c b/src/server.c
index 8906f0cf7..86dd708b4 100644
--- a/src/server.c
+++ b/src/server.c
@@ -2058,6 +2058,11 @@ int parse_server(const char *file, int linenum, char
**args, struct proxy *curpr
err_code |= ERR_ALERT | ERR_FATAL;
goto out;
}
+ if (sk->ss_family == AF_UNSPEC) {
+ ha_alert("parsing [%s:%d] : '%s %s' : unknown
address family\n", file, linenum, args[0], args[1]);
+ err_code |= ERR_ALERT | ERR_FATAL;
+ goto out;
+ }
if (!port1 || !port2) {
/* no port specified, +offset, -offset */
--
2.29.0
