BUG/MINOR: tcpcheck: Don't use arg list for default proxies during parsing

During tcp/http check rules parsing, when a sample fetch or a log-format
string is parsed, the proxy's argument list used to track unresolved
argument is no longer passed for default proxies. It means it is no longer
possible to rely on sample fetches depending on the execution context (for
instance 'nbsrv').

It is important to avoid HAProxy crashes because these arguments are
resolved during the configuration validity check. But, default proxies are
not evaluated during this stage. Thus, these arguments remain unresolved.

It will probably be possible to relax this rule. But to ease backports, it
is forbidden for now.

This patch must be backported as far as 2.2. It depends on the commit
"MINOR: arg: Be able to forbid unresolved args when building an argument
list".  It must be adapted for the 2.3 because PR_CAP_DEF capability was
introduced in the 2.4. A solution may be to test The proxy's id agains NULL.

diff --git a/src/log.c b/src/log.c
index cf82832db0f58368fb1790d36a80df512bbbbb3f..1e08b66c43d977e8c2982cd368273780807ed0e3 100644 (file)
--- a/src/log.c
+++ b/src/log.c
@@ -415,7 +415,8 @@ int add_sample_to_logformat_list(char *text, char *arg, int arg_len, struct prox
        cmd[1] = "";
        cmd_arg = 0;
 
-       expr = sample_parse_expr(cmd, &cmd_arg, curpx->conf.args.file, curpx->conf.args.line, err, &curpx->conf.args, endptr);
+       expr = sample_parse_expr(cmd, &cmd_arg, curpx->conf.args.file, curpx->conf.args.line, err,
+                                (curpx->cap & PR_CAP_DEF) ? NULL: &curpx->conf.args, endptr);
        if (!expr) {
                memprintf(err, "failed to parse sample expression <%s> : %s", text, *err);
                goto error_free;

diff --git a/src/tcpcheck.c b/src/tcpcheck.c
index 2b93af5461da45d25be1f585f6db83e0b73e42b3..c34095df7331d23516464651ded7f4e816d9d529 100644 (file)
--- a/src/tcpcheck.c
+++ b/src/tcpcheck.c
@@ -2432,7 +2432,7 @@ struct tcpcheck_rule *parse_tcpcheck_connect(char **args, int cur_arg, struct pr
 
                                px->conf.args.ctx = ARGC_SRV;
                                port_expr = sample_parse_expr((char *[]){args[cur_arg], NULL}, &idx,
-                                                             file, line, errmsg, &px->conf.args, NULL);
+                                                             file, line, errmsg, (px->cap & PR_CAP_DEF) ? NULL: &px->conf.args, NULL);
 
                                if (!port_expr) {
                                        memprintf(errmsg, "error detected while parsing port expression : %s", *errmsg);
@@ -3234,7 +3234,7 @@ struct tcpcheck_rule *parse_tcpcheck_expect(char **args, int cur_arg, struct pro
                        release_sample_expr(status_expr);
                        px->conf.args.ctx = ARGC_SRV;
                        status_expr = sample_parse_expr((char *[]){args[cur_arg], NULL}, &idx,
-                                                       file, line, errmsg, &px->conf.args, NULL);
+                                                       file, line, errmsg, (px->cap & PR_CAP_DEF) ? NULL: &px->conf.args, NULL);
                        if (!status_expr) {
                                memprintf(errmsg, "error detected while parsing status-code expression : %s", *errmsg);
                                goto error;

diff --git a/src/vars.c b/src/vars.c
index a4c6f4528803457dadac2964a0d677f55cfc7f4e..37ff5f7744e8b8c657aa8e1a7ee26388829ea376 100644 (file)
--- a/src/vars.c
+++ b/src/vars.c
@@ -878,7 +878,7 @@ static enum act_parse_ret parse_store(const char **args, int *arg, struct proxy
        } else {
                /* set-var */
                rule->arg.vars.expr = sample_parse_expr((char **)args, arg, px->conf.args.file,
-                                                       px->conf.args.line, err, &px->conf.args, NULL);
+                                                       px->conf.args.line, err, (px->cap & PR_CAP_DEF) ? NULL: &px->conf.args, NULL);
                if (!rule->arg.vars.expr)
                        return ACT_RET_PRS_ERR;