BUG/MAJOR: stream-int: properly check the memory allocation return

In stream_int_register_handler(), we call si_alloc_appctx(si) but as a
mistake, instead of checking the return value for a NULL, we test <si>.
This bug was discovered under extreme memory contention (memory for only
two buffers with 500 connections waiting) and after 3 million failed
connections. While it was very hard to produce it, the fix is tagged
major because in theory it could happen when haproxy runs with a very
low "-m" setting preventing from allocating just the few bytes needed
for an appctx. But most users will never be able to trigger it. The
fix was confirmed to address the bug.

This fix must be backported to 1.5.

diff --git a/src/stream_interface.c b/src/stream_interface.c
index 9f7e979edf51b0e7a156acf9a867d048770d59de..075deef5d826680c71e361d0be4bb6714d6a6ac5 100644 (file)
--- a/src/stream_interface.c
+++ b/src/stream_interface.c
@@ -366,7 +366,7 @@ struct appctx *stream_int_register_handler(struct stream_interface *si, struct s
        DPRINTF(stderr, "registering handler %p for si %p (was %p)\n", app, si, si->owner);
 
        appctx = si_alloc_appctx(si);
-       if (!si)
+       if (!appctx)
                return NULL;
 
        appctx_set_applet(appctx, app);