MINOR: acl: add extra diagnostics about suspicious string patterns

As noticed in this thread, some bogus configurations are not always easy
to spot: https://www.mail-archive.com/haproxy@formilux.org/msg44558.html
Here it was about config keywords being used in ACL patterns where strings
were expected, hence they're always valid.

Since we have the diag mode (-dD) we can perform some extra checks when
it's used, and emit them to suggest the user there might be an issue.

Here we detect a few common words (logic such as "and"/"or"/"||" etc),
C++/JS comments mistakenly used to try to isolate final args, and words
that have the exact name of a sample fetch or an ACL keyword. These checks
are only done in diag mode of course.

diff --git a/src/acl.c b/src/acl.c
index 8ef2b7d7bba13b4c332f6405aef5b533f5dcb7b9..52a71f38e617e869b45d75913c1e594de68bdfeb 100644 (file)
--- a/src/acl.c
+++ b/src/acl.c
@@ -546,6 +546,25 @@ struct acl_expr *parse_acl_expr(const char **args, char **err, struct arg_list *
                 */
                if (!pat_ref_add(ref, arg, NULL, err))
                        goto out_free_expr;
+
+               if (global.mode & MODE_DIAG) {
+                       if (strcmp(arg, "&&") == 0 || strcmp(arg, "and") == 0 ||
+                           strcmp(arg, "||") == 0 ||  strcmp(arg, "or") == 0)
+                               ha_diag_warning("parsing [%s:%d] : pattern '%s' looks like a failed attempt at using an operator inside a pattern list\n", file, line, arg);
+                       else if (strcmp(arg, "#") == 0 || strcmp(arg, "//") == 0)
+                               ha_diag_warning("parsing [%s:%d] : pattern '%s' looks like a failed attempt at commenting an end of line\n", file, line, arg);
+                       else if (find_acl_kw(arg))
+                               ha_diag_warning("parsing [%s:%d] : pattern '%s' suspiciously looks like a known acl keyword\n", file, line, arg);
+                       else {
+                               const char *begw = arg, *endw;
+
+                               for (endw = begw; is_idchar(*endw); endw++)
+                                       ;
+
+                               if (endw != begw && find_sample_fetch(begw, endw - begw))
+                                       ha_diag_warning("parsing [%s:%d] : pattern '%s' suspiciously looks like a known sample fetch keyword\n", file, line, arg);
+                       }
+               }
                args++;
        }