From: Valentine Krasnobaeva <vkrasnobaeva@haproxy.com>
Date: Thu, 12 Dec 2024 18:38:38 +0000 (+0100)
Subject: BUG/MINOR: cli: cli_snd_buf: preserve \r\n for payload lines
X-Git-Tag: v3.2-dev2~79
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d60c893991699af1103bcdcd33c915885c056559;p=thirdparty%2Fhaproxy.git

BUG/MINOR: cli: cli_snd_buf: preserve \r\n for payload lines

cli_snd_buf() analyzez input line by line. Before this patch it has always
scanned a given line for the presence of '\r' followed by '\n'.

This is only needed for strings, that contain the commands itself like
"show ssl cert\n", "set ssl cert test.pem <<\n".

In case of strings, which contain the command's payload, like
"-----BEGIN CERTIFICATE-----\r\n", '\r\n' should be preserved
as is.

This patch fixes the GitHub issue #2818.

This patch should be backported in v3.1 and in v3.0.
---

diff --git a/src/cli.c b/src/cli.c
index 429a277dc2..d5cc344997 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -962,19 +962,19 @@ size_t cli_snd_buf(struct appctx *appctx, struct buffer *buf, size_t count, unsi
 
 		if (str[len-1] == '\n')
 			lf = 1;
-
-		/* Remove the trailing \r, if any and add a null byte at the
-		 * end. For normal mode, the trailing \n is removed, but we
-		 * conserve if for payload mode.
-		 */
 		len--;
-		if (len && str[len-1] == '\r')
-			len--;
+
 		if (appctx->st1 & APPCTX_CLI_ST1_PAYLOAD) {
 			str[len+1] = '\0';
 			b_add(&appctx->inbuf, len+1);
 		}
 		else  {
+			/* Remove the trailing \r, if any and add a null byte at the
+			 * end. For normal mode, the trailing \n is removed, but we
+			 * conserve \r\n or \n sequences for payload mode.
+			 */
+			if (len && str[len-1] == '\r')
+				len--;
 			str[len] = '\0';
 			b_add(&appctx->inbuf, len);
 		}