From: Willy Tarreau Date: Wed, 2 Sep 2015 08:40:43 +0000 (+0200) Subject: BUG/MAJOR: http: don't manipulate the server connection if it's killed X-Git-Tag: v1.6-dev5~26 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=bd99d5818d0beea8458189ba22989b0183cd6785;p=thirdparty%2Fhaproxy.git BUG/MAJOR: http: don't manipulate the server connection if it's killed Jesse Hathaway reported a crash that Cyril Bonté diagnosed as being caused by the manipulation of srv_conn after setting it to NULL. This happens in http-server-close mode when the server returns either a 401 or a 407, because the connection was previously closed then it's being assigned the CO_FL_PRIVATE flag. This bug only affects 1.6-dev as it was introduced by connection reuse code with commit 387ebf8 ("MINOR: connection: add a new flag CO_FL_PRIVATE"). --- diff --git a/src/proto_http.c b/src/proto_http.c index 0f18c00968..7887791ce1 100644 --- a/src/proto_http.c +++ b/src/proto_http.c @@ -5246,7 +5246,8 @@ void http_end_txn_clean_session(struct stream *s) * it's better to do it (at least it helps with debugging). */ s->txn->flags |= TX_PREFER_LAST; - srv_conn->flags |= CO_FL_PRIVATE; + if (srv_conn) + srv_conn->flags |= CO_FL_PRIVATE; } if (fe->options2 & PR_O2_INDEPSTR)