BUG/MINOR: cfgparse-listen: fix ebpt_next_dup pointer dereference on proxy "from" inheritance
ebpt_next_dup() was used 2 times in a row but only the first call was
checked against NULL, probably assuming that the 2 calls always yield the
same result here.
gcc is not OK with that, and it should be safer to store the result of
the first call in a temporary var to dereference it once checked against NULL.
This should fix GH #1869.
Thanks to Ilya for reporting this issue.
It may be backported up to 2.4.
diff --git a/src/cfgparse-listen.c b/src/cfgparse-listen.c
index 258a358..2585644 100644
--- a/src/cfgparse-listen.c
+++ b/src/cfgparse-listen.c
@@ -291,6 +291,8 @@
curr_defproxy = last_defproxy;
if (strcmp(args[arg], "from") == 0) {
+ struct ebpt_node *next_by_name;
+
curr_defproxy = proxy_find_by_name(args[arg+1], PR_CAP_DEF, 0);
if (!curr_defproxy) {
@@ -299,8 +301,8 @@
goto out;
}
- if (ebpt_next_dup(&curr_defproxy->conf.by_name)) {
- struct proxy *px2 = container_of(ebpt_next_dup(&curr_defproxy->conf.by_name), struct proxy, conf.by_name);
+ if ((next_by_name = ebpt_next_dup(&curr_defproxy->conf.by_name))) {
+ struct proxy *px2 = container_of(next_by_name, struct proxy, conf.by_name);
ha_alert("parsing [%s:%d] : ambiguous defaults section name '%s' referenced by %s '%s' exists at least at %s:%d and %s:%d.\n",
file, linenum, args[arg+1], proxy_cap_str(rc), name,