BUG/MEDIUM: cli: Properly parse empty lines and avoid crashed

Empty lines was not properly parsed and could lead to crashes because the
last argument was parsed outside of the cmdline buffer. Indeed, the last
argument is parsed to look for an eventual payload pattern. It is started
one character after the newline at the end of the command line. But it is
only valid for an non-empty command line.

So, now, this case is properly detected when we leave if an empty line is
detected.

This patch must be backported to 3.2.

diff --git a/src/cli.c b/src/cli.c
index 6fdeff94c798fcee2c2150b5519951f655f036d9..5ad88d48da4ff5e10fb90172be543d5513f65c85 100644 (file)
--- a/src/cli.c
+++ b/src/cli.c
@@ -987,12 +987,18 @@ int cli_parse_cmdline(struct appctx *appctx)
                                continue;
                        }
 
+                       if (!len)
+                               goto process_cmdline;
+
                        /* The end of the command line was reached. Change the trailing \r, if any,
                         * by a null byte. For the command line, the trailing \r and \n are removed,
                         * but we conserve them for payload mode.
                         */
-                       if (str[len-1] == '\r')
+                       if (str[len-1] == '\r') {
                                str[--len] = '\0';
+                               if (!len)
+                                       goto process_cmdline;
+                       }
 
                        /*
                         * Look for the "payload start" pattern at the end of a
@@ -1055,6 +1061,7 @@ int cli_parse_cmdline(struct appctx *appctx)
                        }
                }
 
+         process_cmdline:
                if (!(appctx->st1 & APPCTX_CLI_ST1_PAYLOAD)) {
                        appctx->st0 = CLI_ST_PROCESS_CMDLINE;
                        break;