From ee58501c062fb56cc9a2073118835af279b9e9d0 Mon Sep 17 00:00:00 2001 From: Christopher Faulet Date: Thu, 15 Oct 2020 16:08:30 +0200 Subject: [PATCH] BUG/MEDIUM: spoe: Unset variable instead of set it if no data provided If an agent try to set a variable with the NULL data type, an unset is perform instead to avoid undefined behaviors. Once decoded, such data are translated to a sample with the type SMP_T_ANY. It is unexpected in HAProxy. When a variable is set with such sample, no data are attached to the variable. Thus, when the variable is retrieved later in the transaction, the sample data are uninitialized, leading to undefined behaviors depending on how it is used. For instance, it leads to a crash if the debug converter is used on such variable. This patch should fix the issue #855. It must be backported as far as 1.8. (cherry picked from commit 2469eba20fdc01f8ca95726a8c11feaaa8825027) Signed-off-by: Christopher Faulet (cherry picked from commit dee726c36d3ee620f6564f1b6e53930c1f97481c) Signed-off-by: Christopher Faulet --- src/flt_spoe.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/flt_spoe.c b/src/flt_spoe.c index d13a04f..39585ee 100644 --- a/src/flt_spoe.c +++ b/src/flt_spoe.c @@ -2401,7 +2401,10 @@ spoe_decode_action_set_var(struct stream *s, struct spoe_context *ctx, ((struct spoe_config *)FLT_CONF(ctx->filter))->agent->var_pfx, (int)sz, str); - spoe_set_var(ctx, scope, str, sz, &smp); + if (smp.data.type == SMP_T_ANY) + spoe_unset_var(ctx, scope, str, sz, &smp); + else + spoe_set_var(ctx, scope, str, sz, &smp); ret = (p - *buf); *buf = p; -- 1.7.10.4