BUG/MEDIUM: payload: ensure that a request channel is available

Denys Fedoryshchenko reported a segfault when using certain
sample fetch functions in the "tcp-request connection" rulesets
despite the warnings. This is because some tests for the existence
of the channel were missing.

The fetches which were fixed are :
  - req.ssl_hello_type
  - rep.ssl_hello_type
  - req.ssl_sni

This fix must be backported to 1.5.

diff --git a/src/payload.c b/src/payload.c
index 4057f6f85601f8f280d0d038664a9cd64fbd2f4c..f62163c4143caa293f902ceb877e1596993ebb12 100644 (file)
--- a/src/payload.c
+++ b/src/payload.c
@@ -72,6 +72,9 @@ smp_fetch_ssl_hello_type(struct proxy *px, struct session *s, void *l7, unsigned
 
        chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? s->rep : s->req;
 
+       if (!chn)
+               goto not_ssl_hello;
+
        bleft = chn->buf->i;
        data = (const unsigned char *)chn->buf->p;
 
@@ -276,6 +279,9 @@ smp_fetch_ssl_hello_sni(struct proxy *px, struct session *s, void *l7, unsigned
 
        chn = ((opt & SMP_OPT_DIR) == SMP_OPT_DIR_RES) ? s->rep : s->req;
 
+       if (!chn)
+               goto not_ssl_hello;
+
        bleft = chn->buf->i;
        data = (unsigned char *)chn->buf->p;