BUG/MINOR: config/userlist: Support one 'users' option for 'group' directive
authorChristopher Faulet <cfaulet@haproxy.com>
Thu, 6 Feb 2025 15:21:20 +0000 (16:21 +0100)
committerAmaury Denoyelle <adenoyelle@haproxy.com>
Tue, 18 Mar 2025 14:58:59 +0000 (15:58 +0100)
When a group is defined in a userlist section, only one 'users' option is
expected. But it was not tested. Thus it was possible to set several options
leading to a memory leak.

It is now tested, and it is not allowed to redefine the users option.

It was reported by Coverity in #2841: CID 1587771.

This patch could be backported to all stable versions.

(cherry picked from commit a1e14d2a8272511c29d9225a61c74dc89847287d)
Signed-off-by: Willy Tarreau <w@1wt.eu>
(cherry picked from commit 4c9c15e3fcf489b5fb609c6f0f1c9e06047c7cef)
Signed-off-by: Amaury Denoyelle <adenoyelle@haproxy.com>

src/cfgparse.c

index 4e36960..7e28804 100644 (file)
@@ -1413,6 +1413,15 @@ cfg_parse_users(const char *file, int linenum, char **args, int kwm)
 
                while (*args[cur_arg]) {
                        if (strcmp(args[cur_arg], "users") == 0) {
+                               if (ag->groupusers) {
+                                       ha_alert("parsing [%s:%d]: 'users' option already defined in '%s' name '%s'.\n",
+                                                file, linenum, args[0], args[1]);
+                                       err_code |= ERR_ALERT | ERR_FATAL;
+                                       free(ag->groupusers);
+                                       free(ag->name);
+                                       free(ag);
+                                       goto out;
+                               }
                                ag->groupusers = strdup(args[cur_arg + 1]);
                                cur_arg += 2;
                                continue;