From: Willy Tarreau Date: Tue, 9 Aug 2016 09:59:12 +0000 (+0200) Subject: BUG/MEDIUM: stick-tables: do not fail on string keys with no allocated size X-Git-Tag: v1.7-dev4~19 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ce6955e632df7605edbd3418cbbc239e0a1106a8;p=thirdparty%2Fhaproxy.git BUG/MEDIUM: stick-tables: do not fail on string keys with no allocated size When a stick-table key is derived from a string-based sample, it checks if it's properly zero-terminated otherwise tries to do so. But the test doesn't work for two reasons : - the reported allocated size may be zero while the sample is maked as not CONST (eg: certain sample fetch functions like smp_fetch_base() do this), so smp_dup() prior to the recent changes will fail on this. - the string might have been converted from a binary sample, where the trailing zero is not appended. If the sample was writable, smp_dup() would not modify it either and we would fail again here. This may happen with req.payload or req.body_param for example. The correct solution consists in calling smp_make_safe() to ensure the sample is usable as a valid string. This fix must be backported to 1.6. --- diff --git a/src/stick_table.c b/src/stick_table.c index c22a514c90..13816bbed2 100644 --- a/src/stick_table.c +++ b/src/stick_table.c @@ -496,15 +496,8 @@ struct stktable_key *smp_to_stkey(struct sample *smp, struct stktable *t) break; case SMP_T_STR: - /* Must be NULL terminated. */ - if (smp->data.u.str.len >= smp->data.u.str.size || - smp->data.u.str.str[smp->data.u.str.len] != '\0') { - if (!smp_dup(smp)) - return NULL; - if (smp->data.u.str.len >= smp->data.u.str.size) - return NULL; - smp->data.u.str.str[smp->data.u.str.len] = '\0'; - } + if (!smp_make_safe(smp)) + return NULL; static_table_key->key = smp->data.u.str.str; static_table_key->key_len = smp->data.u.str.len; break;