BUG/MAJOR: dns: fix null pointer dereference in snr_update_srv_status
Since commit 13a9232eb ("MEDIUM: dns: use Additional records from SRV
responses"), a struct server can have a NULL dns_requester->resolution,
when SRV records are used and DNS answers contain an Additional section.
This is a problem when we call snr_update_srv_status() because it does
not check that resolution is NULL, and dereferences it. This patch
simply adds a test for resolution being NULL. When that happens, it means
we are using SRV records with Additional records, and an entry was removed.
This should fix issue #775.
This should be backported to 2.2.
diff --git a/src/server.c b/src/server.c
index a622e22..918294b 100644
--- a/src/server.c
+++ b/src/server.c
@@ -3731,6 +3731,15 @@
struct dns_resolution *resolution = s->dns_requester->resolution;
int exp;
+ /* If resolution is NULL we're dealing with SRV records Additional records */
+ if (resolution == NULL) {
+ if (s->next_admin & SRV_ADMF_RMAINT)
+ return 1;
+
+ srv_set_admin_flag(s, SRV_ADMF_RMAINT, "entry removed from SRV record");
+ return 0;
+ }
+
switch (resolution->status) {
case RSLV_STATUS_NONE:
/* status when HAProxy has just (re)started.