BUG/MEDIUM: stream: Prevent mux upgrades if client connection is no longer ready

If an early error occurred on the client connection, we must prevent any
multiplexer upgrades. Indeed, it is unexpected for a mux to be initialized
with no xprt. On a normal workflow it is impossible. So it is not an
issue. But if a mux upgrade is performed at the stream level, an early error
on the connection may have already been handled by the previous mux and the
connection may be already fully closed. If the mux upgrade is still
performed, a crash can be experienced.

It is possible to have a crash with an implicit TCP>HTTP upgrade if there is no
data in the input buffer. But it is also possible to get a crash with an
explicit "switch-mode http" rule.

It must be backported to all stable versions. In 2.2, the patch must be
applied directly in stream_set_backend() function.

diff --git a/src/stream.c b/src/stream.c
index c78c6a10a6e476bf3d9861d8462c02872f078662..4e87aab54115a52a090a2a0642c38b3b9114bc0a 100644 (file)
--- a/src/stream.c
+++ b/src/stream.c
@@ -1489,6 +1489,10 @@ int stream_set_http_mode(struct stream *s, const struct mux_proto_list *mux_prot
                return 0;
 
        conn = sc_conn(sc);
+
+       if (!sc_conn_ready(sc))
+               return 0;
+
        if (conn) {
                se_have_more_data(s->scf->sedesc);
                /* Make sure we're unsubscribed, the the new