From: Willy Tarreau <w@1wt.eu>
Date: Fri, 17 Oct 2014 09:53:05 +0000 (+0200)
Subject: BUG/MINOR: config: do not accept more track-sc than configured
X-Git-Tag: v1.6-dev1~295
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e1cfc1f2b469fb86b9826ff12cdd6a24a1f3ded0;p=thirdparty%2Fhaproxy.git

BUG/MINOR: config: do not accept more track-sc than configured

MAX_SESS_STKCTR allows one to define the number of stick counters that can
be used in parallel in track-sc* rules. The naming of this macro creates
some confusion because the value there is sometimes used as a max instead
of a count, and the config parser accepts values from 0 to MAX_SESS_STKCTR
and the processing ignores anything tracked on the last one. This means
that by default, track-sc3 is allowed and ignored.

This fix must be backported to 1.5 where the problem there only affects
TCP rules.
---

diff --git a/src/proto_http.c b/src/proto_http.c
index 89e91a9860..3a3aa80306 100644
--- a/src/proto_http.c
+++ b/src/proto_http.c
@@ -9016,7 +9016,7 @@ struct http_req_rule *parse_http_req_cond(const char **args, const char *file, i
 		cur_arg += 1;
 	} else if (strncmp(args[0], "track-sc", 8) == 0 &&
 		 args[0][9] == '\0' && args[0][8] >= '0' &&
-		 args[0][8] <= '0' + MAX_SESS_STKCTR) { /* track-sc 0..9 */
+		 args[0][8] < '0' + MAX_SESS_STKCTR) { /* track-sc 0..9 */
 		struct sample_expr *expr;
 		unsigned int where;
 		char *err = NULL;
diff --git a/src/proto_tcp.c b/src/proto_tcp.c
index 940c3f1142..acabbcd548 100644
--- a/src/proto_tcp.c
+++ b/src/proto_tcp.c
@@ -1427,7 +1427,7 @@ static int tcp_parse_request_rule(char **args, int arg, int section_type,
 	}
 	else if (strncmp(args[arg], "track-sc", 8) == 0 &&
 		 args[arg][9] == '\0' && args[arg][8] >= '0' &&
-		 args[arg][8] <= '0' + MAX_SESS_STKCTR) { /* track-sc 0..9 */
+		 args[arg][8] < '0' + MAX_SESS_STKCTR) { /* track-sc 0..9 */
 		struct sample_expr *expr;
 		int kw = arg;
 
@@ -1491,7 +1491,7 @@ static int tcp_parse_request_rule(char **args, int arg, int section_type,
 		memprintf(err,
 		          "'%s %s' expects 'accept', 'reject', 'track-sc0' ... 'track-sc%d' "
 		          " in %s '%s' (got '%s')",
-		          args[0], args[1], MAX_SESS_STKCTR, proxy_type_str(curpx), curpx->id, args[arg]);
+		          args[0], args[1], MAX_SESS_STKCTR-1, proxy_type_str(curpx), curpx->id, args[arg]);
 		return -1;
 	}