]> git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
projects / thirdparty / haproxy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f1dcced)
BUG/MINOR: cfgparse: Abort parsing the current line if an invalid \x sequence is...
authorTim Duesterhus <tim@bastelstu.be>
Thu, 7 May 2020 17:21:31 +0000 (19:21 +0200)
committerWilly Tarreau <w@1wt.eu>
Thu, 7 May 2020 20:46:25 +0000 (22:46 +0200)
This fixes OSS Fuzz issue https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21931.

OSS Fuzz detected a hang on configuration parsing for a 200kB line with a large number of
invalid escape sequences. Most likely due to the amounts of error output generated.

This issue is very minor, because usually generated configurations are to be trusted.

The bug exists since at the very least HAProxy 1.4. The patch may be backported if desired.

src/cfgparse.c patch | blob | blame | history

diff --git a/src/cfgparse.c b/src/cfgparse.c
index 5627fe2801d883c8cf2720b78d340749514bd22d..5815da0a9d60d72d044f3b85d7629b1e80060a56 100644 (file)
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -1967,6 +1967,7 @@ next_line:
                                        else {
                                                ha_alert("parsing [%s:%d] : invalid or incomplete '\\x' sequence in '%s'.\n", file, linenum, args[0]);
                                                err_code |= ERR_ALERT | ERR_FATAL;
+                                               goto next_line;
                                        }
                                } else if (line[1] == '"') {
                                        *line = '"';
Mirror of https://github.com/haproxy/haproxy.git