From: Christopher Faulet Date: Fri, 28 Apr 2023 12:47:15 +0000 (+0200) Subject: BUG/MEDIUM: tcpcheck: Don't eval custom expect rule on an empty buffer X-Git-Tag: v2.8-dev9~15 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2ebac6a3207188944404f02f2c03ec5bcba16c08;p=thirdparty%2Fhaproxy.git BUG/MEDIUM: tcpcheck: Don't eval custom expect rule on an empty buffer The commit a664aa6a6 ("BUG/MINOR: tcpcheck: Be able to expect an empty response") instroduced a regression for expect rules relying on a custom function. Indeed, there is no check on the buffer to be sure it is not empty before calling the custom function. But some of these functions expect to have data and don't perform any test on the buffer emptiness. So instead of fixing all custom functions, we just don't eval them if the buffer is empty. This patch must be backported but only if the commit above was backported first. --- diff --git a/src/tcpcheck.c b/src/tcpcheck.c index 55fd190cf2..117be32751 100644 --- a/src/tcpcheck.c +++ b/src/tcpcheck.c @@ -2047,6 +2047,13 @@ enum tcpcheck_eval_ret tcpcheck_eval_expect(struct check *check, struct tcpcheck break; case TCPCHK_EXPECT_CUSTOM: + /* Don't eval custom function if the buffer is empty. It means + * cusstom functions can't expect an empty response. If this + * change, don't forget to change this test and update all + * custom functions. + */ + if (!b_data(&check->bi)) + break; if (expect->custom) ret = expect->custom(check, rule, last_read); goto out;