BUG/MAJOR: spoe: Don't try to get agent config during SPOP healthcheck

During SPOP healthchecks, a dummy appctx is used to create the HAPROXY-HELLO
frame and then to parse the AGENT-HELLO frame. No agent are attached to it. So
it is important to not rely on an agent during these stages. When HAPROXY-HELLO
frame is created, there is no problem, all accesses to an agent are
guarded. This is not true during the parsing of the AGENT-HELLO frame. Thus, it
is possible to crash HAProxy with a SPOA declaring the async or the pipelining
capability during a healthcheck.

This patch must be backported to 1.9 and 1.8.

diff --git a/src/flt_spoe.c b/src/flt_spoe.c
index 0f7a21ae3a06d46c1698aa2c329e20768ba5c3b0..1a1194fa6805c432f39856e043b3d6e3bacead09 100644 (file)
--- a/src/flt_spoe.c
+++ b/src/flt_spoe.c
@@ -825,10 +825,14 @@ spoe_handle_agenthello_frame(struct appctx *appctx, char *frame, size_t size)
                SPOE_APPCTX(appctx)->status_code = SPOE_FRM_ERR_NO_FRAME_SIZE;
                return -1;
        }
-       if ((flags & SPOE_APPCTX_FL_PIPELINING) && !(agent->flags & SPOE_FL_PIPELINING))
-               flags &= ~SPOE_APPCTX_FL_PIPELINING;
-       if ((flags & SPOE_APPCTX_FL_ASYNC) && !(agent->flags & SPOE_FL_ASYNC))
-               flags &= ~SPOE_APPCTX_FL_ASYNC;
+       if (!agent)
+               flags &= ~(SPOE_APPCTX_FL_PIPELINING|SPOE_APPCTX_FL_ASYNC);
+       else {
+               if ((flags & SPOE_APPCTX_FL_PIPELINING) && !(agent->flags & SPOE_FL_PIPELINING))
+                       flags &= ~SPOE_APPCTX_FL_PIPELINING;
+               if ((flags & SPOE_APPCTX_FL_ASYNC) && !(agent->flags & SPOE_FL_ASYNC))
+                       flags &= ~SPOE_APPCTX_FL_ASYNC;
+       }
 
        SPOE_APPCTX(appctx)->version        = (unsigned int)vsn;
        SPOE_APPCTX(appctx)->max_frame_size = (unsigned int)max_frame_size;