From: Willy Tarreau Date: Thu, 23 Nov 2023 13:28:14 +0000 (+0100) Subject: BUG/MINOR: server: do not leak default-server in defaults sections X-Git-Tag: v2.9-dev11~29 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=53da8bfcb6d3f4918a45fe77347317ad885ba25e;p=thirdparty%2Fhaproxy.git BUG/MINOR: server: do not leak default-server in defaults sections When a default-server directive is used in a defaults section, it's never freed and the "defaults" proxy gets reset without freeing the fields from that default-server. Normally there are no allocation there, except for the config file location stored in srv->conf.file form an strdup() since commit 9394a9444 ("REORG: server: move alert traces in parse_server") that appeared in 2.4. In addition, if a "default-server" directive appears multiple times in a defaults section, one more entry will be leaked per call. This commit addresses this by checking that we don't overwrite the file upon multiple calls, and by clearing it when resetting the default proxy. This should be backported to 2.4. --- diff --git a/src/proxy.c b/src/proxy.c index 0bac0898f1..3e126378f5 100644 --- a/src/proxy.c +++ b/src/proxy.c @@ -1517,6 +1517,7 @@ void proxy_free_defaults(struct proxy *defproxy) ha_free(&defproxy->id); ha_free(&defproxy->conf.file); + ha_free((char **)&defproxy->defsrv.conf.file); ha_free(&defproxy->check_command); ha_free(&defproxy->check_path); ha_free(&defproxy->cookie_name); diff --git a/src/server.c b/src/server.c index 138d692729..78c3b532dc 100644 --- a/src/server.c +++ b/src/server.c @@ -3292,7 +3292,8 @@ int parse_server(const char *file, int linenum, char **args, if (err_code & ERR_CODE) goto out; - newsrv->conf.file = strdup(file); + if (!newsrv->conf.file) // note: do it only once for default-server + newsrv->conf.file = strdup(file); newsrv->conf.line = linenum; while (*args[cur_arg]) {