From fe71ad89da6638be39f71824cdab7ef015a575d2 Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Tue, 6 Aug 2024 11:32:10 +0200 Subject: [PATCH] BUG/MEDIUM: trace: fix null deref in lockon mechanism since TRACE_ENABLED() When calling TRACE_ENABLED(), which is called by TRACE_PRINTF(), we pass a NULL plockptr to __trace_enabled(). This argument is used when lockon is active, and may update the pointer. This is an overlook which also broke the lockon mechanism because now for calls from __trace(), it dereferences a pointer pointing to NULL, and never updates it due to the broken condition, so that trace() never sets up src->lockon_ptr. The bug was introduced in 2.8 by commit 8f9a9704bb ("MINOR: trace: add a TRACE_ENABLED() macro to determine if a trace is active"), so the fix must be backported there. (cherry picked from commit b5df6b5a31b86b4403f00b7e0230c97883eca0f3) Signed-off-by: Christopher Faulet --- src/trace.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/trace.c b/src/trace.c index a2fd31e..8f6519d 100644 --- a/src/trace.c +++ b/src/trace.c @@ -205,7 +205,7 @@ int __trace_enabled(enum trace_level level, uint64_t mask, struct trace_source * if (src->lockon_ptr && src->lockon_ptr != lockon_ptr) return 0; - if (*plockptr && !src->lockon_ptr && lockon_ptr && src->state == TRACE_STATE_RUNNING) + if (plockptr && !src->lockon_ptr && lockon_ptr && src->state == TRACE_STATE_RUNNING) *plockptr = lockon_ptr; } -- 1.7.10.4
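Review bot: the contract that plockptr may be NULL is not documented at the one place that now relies on it, the "if (plockptr && !src->lockon_ptr && lockon_ptr && ..." test in __trace_enabled(). Add a short comment there, or in the function's header, stating that plockptr is optional (the commit message says TRACE_ENABLED() passes NULL) and is written only when non-NULL, so that a later edit does not bring back the "*plockptr" dereference in the condition. It is also worth confirming that no other use of plockptr in this function, outside the lines shown in the hunk, dereferences it without the same check.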