As of commit 6ca89162dc881df8fecd7713ca1fe5dbaa66b315 this hash no longer is
required, because unknown encodings are not longer stored and known encodings
do not use the cache.
---
include/haproxy/http_ana-t.h | 2 +-
src/cache.c | 80
2
For the `accept-encoding` header a bitmap and not a hash is stored.
---
src/cache.c | 20 ++--
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/src/cache.c b/src/cache.c
index 965509871..9e01de402 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -97,7 +97,7 @@ struct
Willy,
Thierry,
v2 fixes the commit message (adding a missing 'hlua:' after the type and
severity) and also reduces the amount of duplicated code.
Best regards
Tim Düsterhus
Apply with `git am --scissors` to automatically cut the commit message.
-- >8 --
During a configuration check valgrind
During a configuration check valgrind reports:
==14425== 0 bytes in 106 blocks are definitely lost in loss record 1 of 107
==14425==at 0x4C2DB8F: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14425==by 0x4C2FDEF: realloc (in
Add a warning to the `haproxy` target when building without USE_OPENSSL.
---
Makefile | 4
1 file changed, 4 insertions(+)
diff --git a/Makefile b/Makefile
index 4e6c834ed..e60b7d3c8 100644
--- a/Makefile
+++ b/Makefile
@@ -912,6 +912,10 @@ endif
haproxy: $(OPTIONS_OBJS) $(OBJS)
Rephrase the message to no longer talk about something that "is no longer
supported", but about what actually *is* supported.
Adjustments include:
- Removal of rare targets to make it easier to find the proper one.
- Reformatting to be easier to read (more newlines)
- Explanation of common
Willy,
Thayne,
find the patch below.
I am adding Thayne as CC as it was your commit that uncovered the issue and the
crash happened in a function you wrote. Maybe you might want to add some
additional checks somewhere?
Best regards
Tim Düsterhus
Apply with `git am --scissors` to automatically
This patch fixes GitHub issue #1024.
I could track the `strdup` back to commit
3a1f5fda109fc56ae127d03eaf34ce027c9542e1 which is 1.9-dev8. It's probably not
worth the effort to backport it across this refactoring.
This patch should be backported to 1.9+.
---
src/cfgparse-listen.c | 4
1
In case of an error `p` is not properly freed.
Minor leak during configuration parsing in out of memory situations, no
backport needed.
---
src/hlua.c | 21 ++---
1 file changed, 14 insertions(+), 7 deletions(-)
diff --git a/src/hlua.c b/src/hlua.c
index b6138251a..7ac0274a2
Other locations in the configuration parser use 'memory allocation failed', so
use this one as well.
---
src/hlua.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/hlua.c b/src/hlua.c
index 7ac0274a2..6fff60147 100644
--- a/src/hlua.c
+++ b/src/hlua.c
@@ -8384,17
This patch fixes GitHub issue #1023.
The function was introduced in commit 67b5a161b4aa5cf9eb18a609fcbb64ec744ae7ea,
which first appeared in 2.1-dev2. The fix should be backported to 2.1+.
---
src/sink.c | 13 +
1 file changed, 13 insertions(+)
diff --git a/src/sink.c b/src/sink.c
tlskeys_reference was a raw `struct list` instead of a `struct tls_keys_ref`
(which contains the `struct list`). This was uncritical in this specific case,
because the `struct list` is the first member of `struct tls_keys_ref`. Thus
address of the `struct tls_keys_ref` will be identical to the
`getnext` was only used to fill `ref` at the beginning of the function. Both
have the same type. Replace the parameter name by `ref` to remove the useless
local variable.
---
src/ssl_sock.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
This loop was always exited in the first iteration by `return`.
---
src/ssl_sock.c | 15 ++-
1 file changed, 6 insertions(+), 9 deletions(-)
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 01a5b3c4c..7ea8e26a3 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -6362,17 +6362,14
This variable is only needed deeply nested in a single location and clang's
static analyzer complains about a dead initialization. Reduce the scope to
satisfy clang and the human that reads the function.
---
src/cache.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git
This is only required to process the `age` header.
---
src/cache.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/cache.c b/src/cache.c
index 609465897..cf994a95e 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -977,7 +977,6 @@ static void set_secondary_key_encoding(struct
Compare the various `cmp()` functions against zero.
---
contrib/mod_defender/spoa.c| 8
contrib/mod_defender/standalone.c | 18 +-
contrib/modsecurity/spoa.c | 8
.../prometheus-exporter/service-prometheus.c
Willy,
I've eyeballed the full diff to verify that this does not introduce any
accidental logic changes. It looks good to me, but of course I might have
missed anything.
The coccinelle patch can be found in the commit message. It's very simple, but
on the other hand I'm lacking coccinelle
Compare the various `XXXcmp()` functions against zero.
---
include/haproxy/action.h | 2 +-
include/haproxy/protobuf.h | 28 ++--
2 files changed, 15 insertions(+), 15 deletions(-)
diff --git a/include/haproxy/action.h b/include/haproxy/action.h
index
This patch fixes GitHub Issue #988. Commit
ce9e7b25217c46db1ac636b2c885a05bf91ae57e
was not sufficient, because it fell back to a hash comparison if the bitmap
of known encodings was not acceptable instead of directly returning the the
cached response is not compatible.
This patch also extends
This patch fixes GitHub Issue #988. Commit
ce9e7b25217c46db1ac636b2c885a05bf91ae57e
was not sufficient, because it fell back to a hash comparison if the bitmap
of known encodings was not acceptable instead of directly returning the the
cached response is not compatible.
This patch also extends
Willy,
please fill in the severity yourself, because I don't know what effects this
bug causes.
Check the issue for details:
https://github.com/haproxy/haproxy/issues/1015
Best regards
Tim Düsterhus
Apply with `git am --scissors` to automatically cut the commit message.
-- >8 --
This is a
This was missing when migrating from Travis.
---
.github/workflows/compliance.yml | 1 +
.github/workflows/vtest.yml | 1 +
.github/workflows/windows.yml| 1 +
3 files changed, 3 insertions(+)
diff --git a/.github/workflows/compliance.yml b/.github/workflows/compliance.yml
index
Previously this was not visible after building.
---
Makefile | 1 +
src/haproxy.c | 3 +++
2 files changed, 4 insertions(+)
diff --git a/Makefile b/Makefile
index ff2084dd1..dd85e51a2 100644
--- a/Makefile
+++ b/Makefile
@@ -919,6 +919,7 @@ src/haproxy.o: src/haproxy.c $(DEP)
This forces a recompilation if the value of DEBUG= changes.
---
Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
index b93b0a872..ff2084dd1 100644
--- a/Makefile
+++ b/Makefile
@@ -878,7 +878,7 @@ help:
# Used only to force a rebuild if some build
Willy,
Ilya,
find two patches improving the CI.
1) This lays the foundation to check the workflow trigger in the matrix
generator Python script, allowing us to move less important jobs into
a daily / weekly schedule.
2) This cleans up the Windows CI. I've made sure to re-use as much as
This is a preparation to later run some matrix entries on schedule only.
Within the matrix.py script it can now be detected whether the workflow is
running on schedule by using:
if build_type == "schedule":
matrix.append(...)
---
.github/matrix.py | 9 +
index 0..5393a4c3a
--- /dev/null
+++ b/.github/workflows/windows.yml
@@ -0,0 +1,60 @@
+# Copyright 2019 Ilya Shipitsin
+# Copyright 2020 Tim Duesterhus
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as publi
This PR aims to make the workflow more consistent, by reusing the same wording
for the step names and the same commands to make it look like the vtest
workflow as much as possible.
It was renamed to compliance.yml to match the human readable name better. This
also allows to extend the workflow
Add a reg-test verifying the fix in dea7c209f8a77b471323dd97bdc1ac4d7a17b812.
Some parts of the configuration used in the were taken from the initial bug
report from Maciej.
Should be backported together with dea7c209f8a77b471323dd97bdc1ac4d7a17b812
(all stable versions).
Co-authored-by: Maciej
Willy,
fixed a typo in the commit message. not -> now. Sorry for the noise with the
separate mails!
Best regards
Tim Düsterhus
Apply with `git am --scissors` to automatically cut the commit message.
-- >8 --
vtest/VTest#24 is merged now. This step is no longer required.
---
vtest/VTest#24 is merged not. This step is no longer required.
---
.github/workflows/vtest.yml | 6 --
1 file changed, 6 deletions(-)
diff --git a/.github/workflows/vtest.yml b/.github/workflows/vtest.yml
index c3571b876..28e814153 100644
--- a/.github/workflows/vtest.yml
+++
- Favor early return over a `retval` variable and `break` in a loop.
- Avoid the use of `else`.
- Remove useless comparison with `1` / `0`.
---
src/cache.c | 30 +++---
1 file changed, 11 insertions(+), 19 deletions(-)
diff --git a/src/cache.c b/src/cache.c
index
Send the full body if the status `304` cannot be applied. This should be the
most graceful failure.
Specific for 2.3, no backport needed.
---
src/cache.c | 8 ++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/cache.c b/src/cache.c
index 9564158fc..6798e5197 100644
---
William,
Rémi,
I'm super happy to see that the support for if-none-match made it into 2.3. I
already was considering poking under some of the recent -devX announcements,
but thought it already was too late for it and thus did not.
Consider taking the following patches:
- CLEANUP: This one
Similar to warning during the parsing of the regular configuration file
that was added in 2fd5bdb439da29f15381aeb57c51327ba57674fc this patch adds
a warning to the parsing of a crt-list if the file does not end in a
newline (and thus might have been truncated).
The logic essentially just was
This reuses the known `parsing [%s:%d]:` from regular config file error
reporting.
---
src/ssl_crtlist.c | 30 +++---
1 file changed, 15 insertions(+), 15 deletions(-)
diff --git a/src/ssl_crtlist.c b/src/ssl_crtlist.c
index fd141fc50..f1c15e051 100644
---
see https://github.com/haproxy/haproxy/issues/860#issuecomment-693422936
see 0354b658f061d00d5ab4b728d7deeff2c8f1503a
This should be backported as a warning to 2.2.
---
src/ssl_crtlist.c | 28 ++--
1 file changed, 26 insertions(+), 2 deletions(-)
diff --git
This reuses the known `parsing [%s:%d]:` from regular config file error
reporting.
---
src/ssl_crtlist.c | 30 +++---
1 file changed, 15 insertions(+), 15 deletions(-)
diff --git a/src/ssl_crtlist.c b/src/ssl_crtlist.c
index fd141fc50..f1c15e051 100644
---
newsrv->curr_idle_thr is of type `unsigned int`, not `int`. Fix this issue
by simply passing the dereferenced pointer to sizeof, which is the preferred
style anyway.
This bug was introduced in commit dc2f2753e97ecfe94827de56ee9efd2cd6d39ad3.
It first appeared in 2.2-dev5. The patch must be
Changes performed using the following coccinelle patch:
@@
type T;
expression E;
expression t;
@@
(
t = calloc(E, sizeof(*t))
|
- t = calloc(E, sizeof(T))
+ t = calloc(E, sizeof(*t))
)
Looking through the commit history, grepping for coccinelle
Willy,
Am 12.09.20 um 18:52 schrieb Willy Tarreau:
> Thanks for doing this, I really appreciate it as I too hate having
> a named type in calloc, as it doesn't survive code changes over time.
>
> I'd rather have one patch to fix the known bug and the rest as a
> cleanup patch however, so that we
This fixes at least one instance where the wrong type was given to sizeof.
clang-analyzer complained that in src/cfgparse.c line 3614
(newsrv->curr_idle_thr):
> Result of 'calloc' is converted to a pointer of type 'unsigned int', which is
> incompatible with sizeof operand type 'int'
Changes
This allocation is technically always reachable and cannot leak, but so are
a few others that *are* freed.
---
src/haproxy.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/src/haproxy.c b/src/haproxy.c
index 0dc81c78c..e70870ab0 100644
--- a/src/haproxy.c
+++ b/src/haproxy.c
@@ -2407,6
This allocation is technically always reachable and cannot leak, but so are
a few others that *are* freed.
---
src/haproxy.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/src/haproxy.c b/src/haproxy.c
index 663922e72..b01707096 100644
--- a/src/haproxy.c
+++ b/src/haproxy.c
@@ -2403,6
Given the following example configuration:
listen http
bind *:80
mode http
stats scope .
Running a configuration check with valgrind reports:
==16341== 26 (24 direct, 2 indirect) bytes in 1 blocks are definitely lost
in loss record 3 of 13
==16341==at
This allocation technically is always reachable and cannot leak, however other
global variables such as `oldpids` are already being freed. This is in an
attempt to get HAProxy to a state where there are zero live allocations after a
clean exit.
---
src/haproxy.c | 1 +
1 file changed, 1
This allocation is technically always reachable and cannot leak, but so are
a few others that *are* freed.
---
src/haproxy.c | 24
1 file changed, 24 insertions(+)
diff --git a/src/haproxy.c b/src/haproxy.c
index b01707096..0dc81c78c 100644
--- a/src/haproxy.c
+++
Willy,
this basically is a continuation from my series in July:
https://www.mail-archive.com/haproxy@formilux.org/msg37808.html
One more real bugfix and 4 more frees of live allocations for consistency with
the surrounding code.
Best regards
Tim Düsterhus (5):
BUG/MINOR: haproxy: Free
This excludes the currently tracked files from being ignored.
---
.gitignore | 4
1 file changed, 4 insertions(+)
diff --git a/.gitignore b/.gitignore
index 7e45489d2..3a760af99 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,7 +2,11 @@
# than blocking about 500 different test files and bug
Commit .gitattributes to the repository to allow GitHub downloads to
properly fill in the SUBVERS and VERDATE files. It also prevents the
engineer in charge of the release to forget creating it when a new branch
is released.
see https://www.mail-archive.com/haproxy@formilux.org/msg38107.html
No
http_get_etag_type returns whether a given `etag` is a strong, weak, or invalid
ETag.
---
include/haproxy/http-t.h | 6 ++
include/haproxy/http.h | 21 +
2 files changed, 27 insertions(+)
diff --git a/include/haproxy/http-t.h b/include/haproxy/http-t.h
index
This commit makes the compressor use http_get_etag_type to validate the
ETag instead of using an ad-hoc condition.
---
src/flt_http_comp.c | 5 +
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/src/flt_http_comp.c b/src/flt_http_comp.c
index 87f359d03..0360d94be 100644
---
/http.c
index 937d4d0d0..98ee0e198 100644
--- a/src/http.c
+++ b/src/http.c
@@ -2,6 +2,7 @@
* HTTP semantics
*
* Copyright 2000-2018 Willy Tarreau
+ * Copyright 2020 Tim Duesterhus
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU
atch: W/\"etag\""
+ rxresp
+ expect resp.status == 304
+} -run
diff --git a/src/cache.c b/src/cache.c
index b42262948..04cd6000f 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -4,6 +4,8 @@
* Copyright 2017 HAProxy Technologies
* William Lallemand
*
+ * Copyright 2
William,
Christopher,
Am 01.09.20 um 10:29 schrieb Christopher Faulet:
>>> There is no applet for uncached requests. So there is no reason to call
>>> the release callback function. Looking at your 4th patch, you should
>>> manually release 'if_none_match' variable for uncached requests in the
http_get_etag_type returns whether a given `etag` is a strong, weak, or invalid
ETag.
---
include/haproxy/http-t.h | 6 ++
include/haproxy/http.h | 21 +
2 files changed, 27 insertions(+)
diff --git a/include/haproxy/http-t.h b/include/haproxy/http-t.h
index
William,
Am 28.08.20 um 13:57 schrieb William Lallemand:
>> So basically I would need to simply store the 'if-none-match' of the
>> request within the `appctx`, yes?
>
> That's right, once the object is found in the cache, you can check the
> etag from the request action and set a flag in the
/http.c
index 937d4d0d0..98ee0e198 100644
--- a/src/http.c
+++ b/src/http.c
@@ -2,6 +2,7 @@
* HTTP semantics
*
* Copyright 2000-2018 Willy Tarreau
+ * Copyright 2020 Tim Duesterhus
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU
This commit makes the compressor use http_get_etag_type to validate the
ETag instead of using an ad-hoc condition.
---
src/flt_http_comp.c | 5 +
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/src/flt_http_comp.c b/src/flt_http_comp.c
index 87f359d03..0360d94be 100644
---
atch: W/\"etag\""
+ rxresp
+ expect resp.status == 304
+} -run
diff --git a/src/cache.c b/src/cache.c
index b42262948..3c9392f8b 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -4,6 +4,8 @@
* Copyright 2017 HAProxy Technologies
* William Lallemand
*
+ * Copyright 2
che.c
@@ -4,6 +4,8 @@
* Copyright 2017 HAProxy Technologies
* William Lallemand
*
+ * Copyright 2020 Tim Duesterhus
+ *
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the
When the cache name is left out in 'filter cache' the error message refers
to a missing ''. The name of the cache is called 'name' within the docs.
Adjust the error message for consistency.
The error message was introduced in 99a17a2d91f9044ea20bba6617048488aed80555.
This commit first appeared
As announced within the emitted log message this is going to become a hard
error in 2.3. It's 2.3 time now, let's do this.
see 2fd5bdb439da29f15381aeb57c51327ba57674fc
---
src/cfgparse.c | 15 +++
1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/src/cfgparse.c
/workflows/vtest.yml
diff --git a/.github/workflows/vtest.yml b/.github/workflows/vtest.yml
new file mode 100644
index 0..d94322474
--- /dev/null
+++ b/.github/workflows/vtest.yml
@@ -0,0 +1,175 @@
+# Copyright 2019 Ilya Shipitsin
+# Copyright 2020 Tim Duesterhus
+#
+# This program is free sof
Compiling HAProxy with USE_LUA=1 and running a configuration check within
valgrind with a very simple configuration such as:
listen foo
bind *:8080
Will report quite a few possible leaks afterwards:
==24048== LEAK SUMMARY:
==24048==definitely lost: 0 bytes in 0 blocks
vars_deinit() frees all var_names during deinit().
---
src/vars.c | 9 +
1 file changed, 9 insertions(+)
diff --git a/src/vars.c b/src/vars.c
index fd95eed5d..c69a561fa 100644
--- a/src/vars.c
+++ b/src/vars.c
@@ -857,6 +857,15 @@ static int vars_max_size_check(char **args, int
Instead of just calling release_sample_arg(conv_expr->arg_p) we also must
free() the conv_expr itself (after removing it from the list).
Given the following example configuration:
frontend foo
bind *:8080
mode http
http-request set-var(txn.foo) str(bar)
acl
This allocation is technically always reachable and cannot leak, but so are
a few others that *are* freed.
---
src/haproxy.c | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/haproxy.c b/src/haproxy.c
index 64d7e0eea..70d442c40 100644
--- a/src/haproxy.c
+++
Given the following example configuration:
frontend foo
mode http
bind *:8080
unique-id-format x
Running a configuration check with valgrind reports:
==30712== 42 (40 direct, 2 indirect) bytes in 1 blocks are definitely lost
in loss record 18 of 39
==30712==
Willy,
Am 04.07.20 um 11:13 schrieb Willy Tarreau:
>> Or you tell me to send it now and apply it to 'next'.
>
> It's up to you. I personally like to keep my topic branch till the last
> moment because that leaves more more freedom to revisit my patches later,
> but when I'm certain patches are
Given the following example configuration:
listen foo
mode http
bind *:8080
http-request set-var(txn.leak) bool(1)
server x example.com:80
Running a configuration check with valgrind reports:
==24233== 2 bytes in 1 blocks are definitely lost in loss
Given the following example configuration:
resolvers test
nameserver test 127.0.0.1:53
listen foo
bind *:8080
server foo example.com resolvers test
Running a configuration check within valgrind reports:
==21995== 5 bytes in 1 blocks are definitely lost in
Given the following example configuration:
listen foo
mode http
bind *:8080
http-request set-var(txn.leak) meth(GET)
server x example.com:80
Running a configuration check with valgrind reports:
==25992== 4 bytes in 1 blocks are definitely lost in loss
Given the following example configuration:
backend foo
mode http
use-server x if { always_true }
server x example.com:80
Running a configuration check with valgrind reports:
==18650== 14 bytes in 1 blocks are definitely lost in loss record 3 of 345
==18650==
Given the following example configuration:
backend foo
mode http
use-server %[str(x)] if { always_true }
server x example.com:80
Running a configuration check with valgrind reports:
==19376== 170 (40 direct, 130 indirect) bytes in 1 blocks are definitely
lost in
This allocation is technically always reachable and cannot leak, but so are
a few others that *are* freed.
---
src/haproxy.c | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/haproxy.c b/src/haproxy.c
index 53301c0be..64d7e0eea 100644
--- a/src/haproxy.c
+++
Given the following example configuration:
frontend foo
mode http
bind *:8080
unique-id-header x
Running a configuration check with valgrind reports:
==17621== 2 bytes in 1 blocks are definitely lost in loss record 1 of 341
==17621==at 0x4C2DB8F: malloc
This allocation is technically always reachable and cannot leak, but so are
a few others that *are* freed.
---
src/haproxy.c | 6 ++
1 file changed, 6 insertions(+)
diff --git a/src/haproxy.c b/src/haproxy.c
index 7f05d39a8..489a0ebe8 100644
--- a/src/haproxy.c
+++ b/src/haproxy.c
@@ -2606,6
This allocation is technically always reachable and cannot leak, but so are
a few others that *are* freed.
---
src/haproxy.c | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/haproxy.c b/src/haproxy.c
index 70d442c40..7f05d39a8 100644
--- a/src/haproxy.c
+++
Instead of simply calling free() in expr->smp->arg_p in certain cases
properly free the sample using release_sample_expr().
Given the following example configuration:
frontend foo
bind *:8080
mode http
http-request set-var(txn.foo) str(bar)
acl is_match
The IPv4 code did not take into account that the header value might not
contain the trailing NUL byte, possibly reading stray data after the header
value, failing the parse and testing the IPv6 branch. That one adds the
missing NUL, but fails to parse IPv4 addresses.
Fix this issue by always
The returned `arg` value is the number of arguments found, but in case
of the error message it's not a valid argument index.
Because we know how many arguments we allowed (MAX_LINE_ARGS) we know
what to print in the error message, so do just that.
Consider a configuration like this:
listen
The arguments are relative to the outline, not relative to the input line.
This patch fixes up commit 9e1758efbd68c8b1d27e17e2abee110f3ebe which
is 2.2 only. No backport needed.
---
src/cfgparse.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/cfgparse.c
Willy,
realized I forgot to update the commit reference in the first patch after the
change now is in cfgparse instead of tools, so here is v3. Only the commit
message changed compared to v2.
Best regards
Tim Düsterhus (2):
BUG/MINOR: cfgparse: Fix argument reference in PARSE_ERR_TOOMANY
Willy,
Am 23.06.20 um 17:37 schrieb Willy Tarreau:
> On Tue, Jun 23, 2020 at 05:06:27PM +0200, Tim Duesterhus wrote:
>> Otherwise `arg++` will be executed for every argument after the maximum,
>> returning a bogus value.
>
> No, it returns the correct one, as docume
The returned `arg` value is the number of arguments found, but in case
of the error message it's not a valid argument index.
Because we know how many arguments we allowed (MAX_LINE_ARGS) we know
what to print in the error message, so do just that.
Consider a configuration like this:
listen
The arguments are relative to the outline, not relative to the input line.
This patch fixes up commit 9e1758efbd68c8b1d27e17e2abee110f3ebe which
is 2.2 only. No backport needed.
---
src/cfgparse.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/cfgparse.c
The arguments are relative to the outline, not relative to the input line.
This patch fixes up commit 9e1758efbd68c8b1d27e17e2abee110f3ebe which
is 2.2 only. No backport needed.
---
src/cfgparse.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/cfgparse.c
Otherwise `arg++` will be executed for every argument after the maximum,
returning a bogus value.
Consider a configuration like this:
listen foo
1 2 3 [...] 64 65
Then running a configuration check within valgrind reports the following:
==18265== Conditional jump or move depends
Fix parsing of configurations if the configuration file does not end with
an LF.
This patch fixes GitHub issue #704. It's a regression in
9e1758efbd68c8b1d27e17e2abee110f3ebe which is 2.2 specific. No backport
needed.
---
src/cfgparse.c | 6 --
1 file changed, 4 insertions(+), 2
n 2020 at 18:56, Tim Düsterhus wrote:
>>>>
>>>> Lukas,
>>>>
>>>> Am 22.06.20 um 18:41 schrieb Lukas Tribus:
>>>>> On Mon, 22 Jun 2020 at 18:16, Tim Duesterhus wrote:
>>>>>>
>>>>>> Fix parsing of configuratio
As discussed on the list:
https://www.mail-archive.com/haproxy@formilux.org/msg37698.html
This patch adds warnings to the configuration parser that detect the
following situations:
- A line being truncated by a null byte in the middle.
- A file not ending in a new line (and possibly being
Fix parsing of configurations if the configuration file does not end with
an LF.
This patch fixes GitHub issue #704. It's a regression in
9e1758efbd68c8b1d27e17e2abee110f3ebe which is 2.2 specific. No backport
needed.
---
src/cfgparse.c | 11 +--
1 file changed, 9 insertions(+), 2
This fixes up commit 32234e751320b60a3879f274d4a4753d7570e757. This
patch should be backported whereever that commit is backported.
---
src/cfgparse.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/cfgparse.c b/src/cfgparse.c
index 9f44c7566..fdbf3a406 100644
--- a/src/cfgparse.c
+++
Instead of simply calling free() in expr->smp->arg_p in certain cases
properly free the sample using release_sample_expr().
Given the following example configuration:
frontend foo
bind *:8080
mode http
http-request set-var(txn.foo) str(bar)
acl is_match
Given the following example configuration:
resolvers test
nameserver test 127.0.0.1:53
listen foo
bind *:8080
server foo example.com resolvers test
Running a configuration check within valgrind reports:
==21995== 5 bytes in 1 blocks are definitely lost in
Given the following example configuration:
frontend foo
mode http
bind *:8080
unique-id-format x
Running a configuration check with valgrind reports:
==30712== 42 (40 direct, 2 indirect) bytes in 1 blocks are definitely lost
in loss record 18 of 39
==30712==
Willy,
this series fixes up a few more frees. This time I have verified the changes
a bit more carefully, running configuration check on a real world configuration
of mine within valgrind. It still reports a five leaks (but less than without
applying these patches!) and does not report any memory
Instead of just calling release_sample_arg(conv_expr->arg_p) we also must
free() the conv_expr itself (after removing it from the list).
Given the following example configuration:
frontend foo
bind *:8080
mode http
http-request set-var(txn.foo) str(bar)
acl
201 - 300 of 498 matches
Mail list logo
