From c67d764d8ae636c378951243fa4038e2dedbf7a8 Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Thu, 20 Jan 2022 08:31:50 +0100 Subject: [PATCH] BUG/MEDIUM: mcli: do not try to parse empty buffers When pcli_parse_request() is called with an empty buffer, it still tries to parse it and can go on believing it finds an empty request if the last char before the beginning of the buffer is a '\n'. In this case it overwrites it with a zero and processes it as an empty command, doing nothing but not making the buffer progress. This results in an infinite loop that is stopped by the watchdog. For a reason related to another issue (yet to be fixed), this can easily be reproduced by pipelining lots of commands such as "show version". Let's add a length check after the search for a '\n'. This needs to be backported as far as 2.0. (cherry picked from commit 6cd93f52e974aca4dac7aa2756c4e17659ae5354) Signed-off-by: Willy Tarreau --- src/cli.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/cli.c b/src/cli.c index 37ac609..59cee7a 100644 --- a/src/cli.c +++ b/src/cli.c @@ -2324,7 +2324,7 @@ int pcli_parse_request(struct stream *s, struct channel *req, char **errmsg, int end = p + reql; /* there is no end to this command, need more to parse ! */ - if (*(end-1) != '\n') { + if (!reql || *(end-1) != '\n') { return -1; } -- 1.7.10.4