git.ipfire.org Git - thirdparty/haproxy.git/commit

author	Aurelien DARRAGON <adarragon@haproxy.com>
	Mon, 19 Jan 2026 15:35:37 +0000 (16:35 +0100)
committer	Aurelien DARRAGON <adarragon@haproxy.com>
	Mon, 19 Jan 2026 15:53:00 +0000 (16:53 +0100)
commit	9156d5f77582d2896fda9e77e08c065f88256e73
tree	395351bc60411878670f0bc5452e7e037b013f9e	tree \| snapshot
parent	14e890d85e8b42dd0d1d4fd413ca4a6340120302	commit \| diff

BUG/MEDIUM: log: parsing log-forward options may result in segfault

As reported by GH user @HiggsTeilchen on #3250, the use of "option
dont-parse-log" may result in segmentation fault when parsing the
configuration. In fact, "option assume-rfc6587-ntf" is also affected.

The reason behind this is that cfg_parse_log_forward() leverages the
cfg_parse_listen_match_option() function to check for generic proxy
options that are relevant in the PR_MODE_SYSLOG context. And while it
is not documented, this function assumes that the currently evaluated
proxy is stored in the global variable 'curproxy', which
cfg_parse_log_forward() doesn't offer.

cfg_parse_listen_match_option() uses curproxy to check the currently
evaluated proxy's capabilities is compatible with the option, so if a
proxy with the frontend capability was defined earlier in the config,
parsing would succeed, if curproxy points to proxy without the frontend
capabilty (ie: backend), a warning would be emitted to tell that the
option would be ignored while it is perfectly valid for the log-forward
proxy, and if no proxy was defined earlier in the config a segfault would
be triggered.

To fix the issue, we explicitly make "curproxy" global variable point to
the log-forward proxy being parsed in cfg_parse_log_forward() before
leveraging cfg_parse_listen_match_option() to check for compatible
options.

It must be backported with 834e9af8 ("MINOR: log: add options eval for
log-forward"), which was introduced in 3.2 precisely.