Using an invalid GUID for guid_insert() causes a crash. This is easily
reproducible using for example an invalid character with "guid" keyword.
Here is the provided backtrace :
Thread 1 "haproxy" received signal SIGSEGV, Segmentation fault.
0x00005555561fda95 in guid_insert (objt=0x520000002080, uid=0x519000002dac "@foo2", errmsg=0x7ffff4c0a7a0)
at src/guid.c:83
83 ha_free(&guid->node.key);
This error is in the cleanup path of guid_insert(). The GUID node is not
allocated when an early error occurs, so it cannot be dereferenced
to free guid->node.key. Fix this by using an intermediate pointer,
key.
This does not need to be backported.
struct guid_node *guid = NULL;
struct guid_node *dup;
struct ebpt_node *node;
+ char *key = NULL;
char *dup_name = NULL;
const char *c;
return 0;
}
- guid->node.key = strdup(uid);
- if (!guid->node.key) {
+ key = strdup(uid);
+ if (!key) {
memprintf(errmsg, "key alloc failure");
goto err;
}
+ guid->node.key = key;
node = ebis_insert(&guid_tree, &guid->node);
if (node != &guid->node) {
dup = ebpt_entry(node, struct guid_node, node);
return 0;
err:
- ALREADY_CHECKED(guid);
- ha_free(&guid->node.key);
+ ha_free(&key);
ha_free(&dup_name);
return 1;
}
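Review bot: Once `guid->node.key = key;` has run, the `err` label frees the string only through `key`, so any failure path taken after that assignment leaves `guid->node.key` pointing at freed memory. The duplicate branch after `ebis_insert()` is cut off in this view, but because `err` also frees `dup_name` it presumably jumps there. The removed `ha_free(&guid->node.key)` reset the field as a side effect, so the new code should reset it explicitly, for example `guid->node.key = NULL;` in the duplicate branch just before `goto err;`. That keeps any later cleanup of the object from reading or freeing a stale pointer. The body of guid_insert() starts outside the lines shown here.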