BUG/MINOR: http_fetch: make hdr_ip() resistant to empty fields

The fix in commit 7b0e00d94 ("BUG/MINOR: http_fetch: make hdr_ip() reject
trailing characters") made hdr_ip() more sensitive to empty fields, for
example if a trusted proxy incorrectly sends the header with an empty
value, we could return 0.0.0.0 which is not correct. Let's make sure we
only assign an IPv4 type here when a non-empty address was found.

This should be backported to all branches where the fix above was
backported.

(cherry picked from commit 645dc08533531416b91ca74ff5aa03154dc0ee50)
Signed-off-by: Willy Tarreau <w@1wt.eu>
(cherry picked from commit 48b6abfdbb9eaba62797bc7af86392b53c67c19d)
Signed-off-by: Willy Tarreau <w@1wt.eu>
(cherry picked from commit 25b66ddf2cd7246aa9f79aa6dce40a5363ca9ffe)
Signed-off-by: Willy Tarreau <w@1wt.eu>

diff --git a/src/http_fetch.c b/src/http_fetch.c
index e07bab4..f256fad 100644 (file)
--- a/src/http_fetch.c
+++ b/src/http_fetch.c
@@ -975,7 +975,7 @@ static int smp_fetch_hdr_ip(const struct arg *args, struct sample *smp, const ch
                               smp->data.u.str.data);
                        temp->area[smp->data.u.str.data] = '\0';
                        len = url2ipv4((char *) temp->area, &smp->data.u.ipv4);
-                       if (len == smp->data.u.str.data) {
+                       if (len > 0 && len == smp->data.u.str.data) {
                                /* plain IPv4 address */
                                smp->data.type = SMP_T_IPV4;
                                break;