From: Kevin Zhu <ipandtcp@gmail.com>
Date: Fri, 13 Mar 2020 02:39:51 +0000 (+0800)
Subject: BUG/MEDIUM: spoe: dup agent's engine_id string from trash.area
X-Git-Tag: v2.2-dev5~47
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=079f8087410bff34ebddeebc5c3a45185b8bca8e;p=thirdparty%2Fhaproxy.git

BUG/MEDIUM: spoe: dup agent's engine_id string from trash.area

The agent's engine_id forgot to dup from trash, all engine_ids point to
the same address "&trash.area", the engine_id changed at run time and will
double free when release agents and trash.

This bug was introduced by the commit ee3bcddef ("MINOR: tools: add a generic
function to generate UUIDs").

No backport is needed, this is 2.2-dev.
---

diff --git a/src/flt_spoe.c b/src/flt_spoe.c
index df080d8166..57c2246447 100644
--- a/src/flt_spoe.c
+++ b/src/flt_spoe.c
@@ -258,7 +258,7 @@ static char *
 generate_pseudo_uuid()
 {
 	ha_generate_uuid(&trash);
-	return trash.area;
+	return my_strndup(trash.area, trash.data);
 }