BUG/MINOR: pattern: prevent const sample from being tampered in pat_match_beg()
authorAurelien DARRAGON <adarragon@haproxy.com>
Fri, 6 Sep 2024 14:21:02 +0000 (16:21 +0200)
committerAurelien DARRAGON <adarragon@haproxy.com>
Mon, 9 Sep 2024 13:57:23 +0000 (15:57 +0200)
This is a complementary patch to a68affeaa ("BUG/MINOR: pattern: a sample
marked as const could be written"). Indeed the same logic from
pat_match_str() is used there, but we lack the check to ensure that the
sample is not const before writing data to it.

It could be backported to all stable versions.

src/pattern.c

index 90f386e9a6746a167966d5d2b276ac817ae12851..4b7540b40979b9221e54b4aec107bb3bf6c6a241 100644 (file)
@@ -651,11 +651,18 @@ struct pattern *pat_match_beg(struct sample *smp, struct pattern_expr *expr, int
 
                if (smp->data.u.str.data < smp->data.u.str.size) {
                        /* we may have to force a trailing zero on the test pattern and
-                        * the buffer is large enough to accommodate it.
+                        * the buffer is large enough to accommodate it. If the flag
+                        * CONST is set, duplicate the string
                         */
                        prev = smp->data.u.str.area[smp->data.u.str.data];
-                       if (prev)
-                               smp->data.u.str.area[smp->data.u.str.data] = '\0';
+                       if (prev) {
+                               if (smp->flags & SMP_F_CONST) {
+                                       if (!smp_dup(smp))
+                                               return NULL;
+                               } else {
+                                       smp->data.u.str.area[smp->data.u.str.data] = '\0';
+                               }
+                       }
                }
                else {
                        /* Otherwise, the sample is duplicated. A trailing zero
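Review bot: On the new `SMP_F_CONST` branch, `prev` keeps the non-zero byte read from the original buffer even though a successful `smp_dup(smp)` has pointed the sample at a copy. pat_match_beg() continues past this hunk, so this is inferred: if the function later restores the byte with an `if (prev)` write, that write would land on the duplicate's terminator rather than on the buffer the byte came from. It would not touch the const data, but it would leave the copy unterminated, assuming smp_dup() null-terminates it as the comment on the `else` branch starts to say. Resetting the saved byte after the duplication makes the intent explicit: `prev = 0; /* copy is already terminated, nothing to restore */` placed right after the `if (!smp_dup(smp)) return NULL;` check. The new comment could also state that smp_dup() is what provides the trailing zero on this path, since "duplicate the string" alone does not say why no explicit write is needed.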