From: Cyril Bonté Date: Sun, 6 Dec 2009 12:43:42 +0000 (+0100) Subject: [BUG] Configuration parser bug when escaping characters X-Git-Tag: v1.3.23~34 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=97c8d9e1a54ac3e8def3f0b0987f7e4ad0a8cb6c;p=thirdparty%2Fhaproxy.git [BUG] Configuration parser bug when escaping characters Today I was testing headers manipulation but I met a bug with my first test. To reproduce it, add for example this line : rspadd Cache-Control:\ max-age=1500 Check the response header, it will provide : Cache-Control: max-age=15000 <= the last character is duplicated This only happens when we use backslashes on the last line of the configuration file, without returning to the line. Also if the last line is like : rspadd Cache-Control:\ max-age=1500\ the last backslash causes a segfault. This is not due to rspadd but to a more general bug in cfgparse.c : ... if (skip) { memmove(line + 1, line + 1 + skip, end - (line + skip + 1)); end -= skip; } ... should be : ... if (skip) { memmove(line + 1, line + 1 + skip, end - (line + skip)); end -= skip; } ... I've reproduced it with haproxy 1.3.22 and the last 1.4 snapshot. (cherry picked from commit dd1b01d027bc3f71006d038942c81613b8872edc) --- diff --git a/src/cfgparse.c b/src/cfgparse.c index 393c517981..65c820ee54 100644 --- a/src/cfgparse.c +++ b/src/cfgparse.c @@ -3696,7 +3696,7 @@ int readcfgfile(const char *file) } } if (skip) { - memmove(line + 1, line + 1 + skip, end - (line + skip + 1)); + memmove(line + 1, line + 1 + skip, end - (line + skip)); end -= skip; } line++;