BUG/MINOR: stick-table/cli: Check for invalid ipv6 key

When an ipv6 key is used to filter a CLI command on a stick table
(clear/set/show table ...), the return value of inet_pton() call must be
checked to be sure the key is valid.

This patch should fix the issue #1163. It should be backported to all
supported versions.

(cherry picked from commit b7c962b0c070a0c6ad35eaed332869a36cb931cf)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
(cherry picked from commit 1e850b52a1cb350620a31641452089caeb1c0318)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>

diff --git a/src/stick_table.c b/src/stick_table.c
index 71a40b0..1176076 100644 (file)
--- a/src/stick_table.c
+++ b/src/stick_table.c
@@ -3459,7 +3459,8 @@ static int table_process_entry_per_key(struct appctx *appctx, char **args)
                static_table_key.key = &uint32_key;
                break;
        case SMP_T_IPV6:
-               inet_pton(AF_INET6, args[4], ip6_key);
+               if (inet_pton(AF_INET6, args[4], ip6_key) <= 0)
+                       return cli_err(appctx, "Invalid key\n");
                static_table_key.key = &ip6_key;
                break;
        case SMP_T_SINT: