From: Amaury Denoyelle Date: Wed, 17 Feb 2021 14:59:02 +0000 (+0100) Subject: BUG/MINOR: backend: do not call smp_make_safe for sni conn hash X-Git-Tag: v2.4-dev9~40 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4c09800b760a7b37f9810d923046b5c30b1e1824;p=thirdparty%2Fhaproxy.git BUG/MINOR: backend: do not call smp_make_safe for sni conn hash conn_hash_prehash does not need a nul-terminated string, thus it is only needed to test if the sni sample is not null before using it as connection hash input. Moreover, a bug could be introduced between smp_make_safe and ssl_sock_set_servername call. Indeed, smp_make_safe may call smp_dup which duplicates the sample in the trash buffer. If another function manipulates the trash buffer before the call to ssl_sock_set_servername, the sni sample might be erased. Currently, no function seems to do that except make_proxy_line in case proxy protocol is used simultaneously with the sni on the server. This does not need to be backported. --- diff --git a/src/backend.c b/src/backend.c index 5f6f038639..e2fa3c35a9 100644 --- a/src/backend.c +++ b/src/backend.c @@ -1289,7 +1289,12 @@ int connect_server(struct stream *s) sni_smp = sample_fetch_as_type(s->be, s->sess, s, SMP_OPT_DIR_REQ | SMP_OPT_FINAL, srv->ssl_ctx.sni, SMP_T_STR); - if (smp_make_safe(sni_smp)) { + + /* only test if the sample is not null as smp_make_safe (called + * before ssl_sock_set_servername) can only fails if this is + * not the case + */ + if (sni_smp) { sni_hash = conn_hash_prehash(sni_smp->data.u.str.area, sni_smp->data.u.str.data); hash_params.sni_prehash = &sni_hash;
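Review bot: the new comment above `if (sni_smp)` in connect_server() does not give the reason the NULL test is sufficient, and its wording is hard to parse ("can only fails if this is not the case" leaves "this" ambiguous and should read "can only fail"). The commit message has the actual justification: conn_hash_prehash is passed `sni_smp->data.u.str.area` together with the length `sni_smp->data.u.str.data`, so it does not need a nul-terminated string. Suggest putting that in the comment, along with a note that the sample must still be made safe right before ssl_sock_set_servername, so that a later reader does not reintroduce an early smp_make_safe here and reopen the trash buffer window described in the commit message. It would also help to say whether a non-NULL sample with a zero length is expected to reach conn_hash_prehash, since the condition now checks only the pointer.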