From: Emeric Brun Date: Thu, 3 Apr 2025 08:32:30 +0000 (+0200) Subject: BUG/MEDIUM: peers: prevent learning expiration too far in futur from unsync node X-Git-Tag: v3.2-dev10~42 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b02b8453d15dfe2c45d132484e381c27f63d2fb1;p=thirdparty%2Fhaproxy.git BUG/MEDIUM: peers: prevent learning expiration too far in futur from unsync node This patch sets the expire of the entry to the max value in configuration if the value showed in the peer update message is too far in futur. This should be backported an all supported branches. --- diff --git a/src/peers.c b/src/peers.c index e4ac52b22..40fc0e53c 100644 --- a/src/peers.c +++ b/src/peers.c @@ -1740,6 +1740,9 @@ static int peer_treat_updatemsg(struct appctx *appctx, struct peer *p, int updt, memcpy(&expire, *msg_cur, expire_sz); *msg_cur += expire_sz; expire = ntohl(expire); + /* Protocol contains expire in MS, check if value is less than table config */ + if (expire > table->expire) + expire = table->expire; /* the rest of the code considers expire as ticks and not MS */ expire = MS_TO_TICKS(expire); }