From: Christopher Faulet <cfaulet@haproxy.com>
Date: Mon, 23 Jun 2025 05:33:06 +0000 (+0200)
Subject: BUG/MINOR: stream: Avoid recursive evaluation for unique-id based on itself
X-Git-Tag: v3.3-dev2~25
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fb7b5c8a53cb4f19a223abd20660d47162aa8708;p=thirdparty%2Fhaproxy.git

BUG/MINOR: stream: Avoid recursive evaluation for unique-id based on itself

There is nothing that prevent a "unique-id-format" to reference itself,
using '%ID' or '%[unique-id]'. If the sample fetch function is used, it
leads to an infinite loop, calling recursively the function responsible to
generate the unique ID.

One solution is to detect it during the configuration parsing to trigger an
error. With this patch, we just inhibit recursive calls by considering the
unique-id as empty during its evaluation. So "id-%[unique-id]" lf string
will be evaluated as "id-".

This patch must be backported to all stable versions.
---

diff --git a/src/stream.c b/src/stream.c
index 005b49eea..019d252f9 100644
--- a/src/stream.c
+++ b/src/stream.c
@@ -2942,12 +2942,12 @@ struct ist stream_generate_unique_id(struct stream *strm, struct lf_expr *format
 	}
 	else {
 		char *unique_id;
-		int length;
+
 		if ((unique_id = pool_alloc(pool_head_uniqueid)) == NULL)
 			return IST_NULL;
 
-		length = build_logline(strm, unique_id, UNIQUEID_LEN, format);
-		strm->unique_id = ist2(unique_id, length);
+		strm->unique_id = ist2(unique_id, 0);
+		strm->unique_id.len = build_logline(strm, unique_id, UNIQUEID_LEN, format);
 
 		return strm->unique_id;
 	}