From: Christopher Faulet Date: Thu, 6 Nov 2025 14:51:27 +0000 (+0100) Subject: BUG/MINOR: config: Limit "tune.maxpollevents" parameter to 1000000 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=c6f68901ccaddddca760bd45e6869161f4f7f846;p=thirdparty%2Fhaproxy.git BUG/MINOR: config: Limit "tune.maxpollevents" parameter to 1000000 "tune.maxpollevents" global parameter was not limited. It was possible to set any integer value. But this value is used to allocate the array of events used by epoll. With a huge value, it seems the allocation silently fail, making haproxy totally unresponsive. So let's to limit its value to 1 million. It is pretty high and it should not be an issue to forbid greater values. The documentation was updated accordingly. This patch could be backported to all stable branches. --- diff --git a/doc/configuration.txt b/doc/configuration.txt index 1f53e9bd6..70a1a81f9 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -4612,7 +4612,8 @@ tune.maxpollevents the polling system. The default value is adapted to the operating system. It has been noticed that reducing it below 200 tends to slightly decrease latency at the expense of network bandwidth, and increasing it above 200 - tends to trade latency for slightly increased bandwidth. + tends to trade latency for slightly increased bandwidth. The configured value + must be lower than or equal to 1000000. tune.maxrewrite Sets the reserved buffer space to this size in bytes. The reserved space is diff --git a/src/cfgparse-global.c b/src/cfgparse-global.c index 28442c1b0..2317cc5dd 100644 --- a/src/cfgparse-global.c +++ b/src/cfgparse-global.c @@ -1134,6 +1134,8 @@ static int cfg_parse_global_tune_opts(char **args, int section_type, } else if (strcmp(args[0], "tune.maxpollevents") == 0) { + long max; + if (global.tune.maxpollevents != 0) { memprintf(err, "'%s' already specified. Continuing.", args[0]); return 1; @@ -1142,8 +1144,12 @@ static int cfg_parse_global_tune_opts(char **args, int section_type, memprintf(err, "'%s' expects an integer argument.", args[0]); return -1; } - global.tune.maxpollevents = atol(args[1]); - + max = atol(args[1]); + if (max > 1000000) { + memprintf(err, "'%s' expects an integer value lower than or equal to 1000000.", args[0]); + return -1; + } + global.tune.maxpollevents = max; return 0; } else if (strcmp(args[0], "tune.max-rules-at-once") == 0) {