BUG/MINOR: sample: Free str.area in smp_check_const_bool
Given the following example configuration:
listen foo
mode http
bind *:8080
http-request set-var(txn.leak) bool(1)
server x example.com:80
Running a configuration check with valgrind reports:
==24233== 2 bytes in 1 blocks are definitely lost in loss record 1 of 345
==24233== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==24233== by 0x4E238D: my_strndup (tools.c:2261)
==24233== by 0x581E10: make_arg_list (arg.c:253)
==24233== by 0x4DE90D: sample_parse_expr (sample.c:890)
==24233== by 0x58E2F4: parse_store (vars.c:772)
==24233== by 0x566A2F: parse_http_req_cond (http_rules.c:95)
==24233== by 0x4A4CE6: cfg_parse_listen (cfgparse-listen.c:1339)
==24233== by 0x494C59: readcfgfile (cfgparse.c:2049)
==24233== by 0x545135: init (haproxy.c:2029)
==24233== by 0x421E42: main (haproxy.c:3175)
After this patch is applied the leak is gone as expected.
This is a fairly minor leak, but it can add up for many uses of the `bool()`
sample fetch. The bug most likely exists since the `bool()` sample fetch was
introduced in commit cc103299c75c530ab3637a1698306145bdc85552. The fix may
be backported to HAProxy 1.6+.
diff --git a/src/sample.c b/src/sample.c
index 650b6d5..ff84b3e 100644
--- a/src/sample.c
+++ b/src/sample.c
@@ -3571,12 +3571,14 @@
{
if (strcasecmp(args[0].data.str.area, "true") == 0 ||
strcasecmp(args[0].data.str.area, "1") == 0) {
+ free(args[0].data.str.area);
args[0].type = ARGT_SINT;
args[0].data.sint = 1;
return 1;
}
if (strcasecmp(args[0].data.str.area, "false") == 0 ||
strcasecmp(args[0].data.str.area, "0") == 0) {
+ free(args[0].data.str.area);
args[0].type = ARGT_SINT;
args[0].data.sint = 0;
return 1;