haproxy: Update HAProxy to v2.1.4 11754/head
authorChristian Lachner <gladiac@gmail.com>
Fri, 3 Apr 2020 06:02:50 +0000 (08:02 +0200)
committerChristian Lachner <gladiac@gmail.com>
Fri, 3 Apr 2020 06:02:50 +0000 (08:02 +0200)
- Update haproxy download URL and hash
- Add new patches (see https://www.haproxy.org/bugs/bugs-2.1.4.html)
- This fixes CVE-2020-11100 (http://git.haproxy.org/?p=haproxy-2.1.git;a=commit;h=f17f86304f187b0f10ca6a8d46346afd9851a543)

Signed-off-by: Christian Lachner <gladiac@gmail.com>
net/haproxy/Makefile
net/haproxy/get-latest-patches.sh
net/haproxy/patches/000-BUG-MINOR-protocol_buffer-Wrong-maximum-shifting.patch [new file with mode: 0644]
net/haproxy/patches/000-OPENWRT-add-uclibc-support.patch [deleted file]
net/haproxy/patches/001-OPENWRT-add-uclibc-support.patch [new file with mode: 0644]

index 36001edaaf452a29568ce975c9d5ba006d63cb82..9724dfff1cabee73aabae795bd0ad9cecc504843 100644 (file)
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=haproxy
-PKG_VERSION:=2.1.3
+PKG_VERSION:=2.1.4
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://www.haproxy.org/download/2.1/src
-PKG_HASH:=bb678e550374d0d9d9312885fb9d270b501dae9e3b336f0a4379c667dae00b59
+PKG_HASH:=51030ff696d7067162b4d24d354044293aecfbb36d7acc2f840c8d928bfe91cd
 
 PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de>, \
                Christian Lachner <gladiac@gmail.com>
index 9fb53789332f909f3f65d29f3a62f7d619982380..2edb44e3ba7b492f671bf04d88d943b4f51d5e02 100755 (executable)
@@ -1,7 +1,7 @@
 #!/bin/sh
 
 CLONEURL=https://git.haproxy.org/git/haproxy-2.1.git
-BASE_TAG=v2.1.3
+BASE_TAG=v2.1.4
 TMP_REPODIR=tmprepo
 PATCHESDIR=patches
 
diff --git a/net/haproxy/patches/000-BUG-MINOR-protocol_buffer-Wrong-maximum-shifting.patch b/net/haproxy/patches/000-BUG-MINOR-protocol_buffer-Wrong-maximum-shifting.patch
new file mode 100644 (file)
index 0000000..71b6277
--- /dev/null
@@ -0,0 +1,56 @@
+commit c7a203a6c75e4efff5f3d5d675d925f11b47dba1
+Author: Frédéric Lécaille <flecaille@haproxy.com>
+Date:   Thu Apr 2 14:24:31 2020 +0200
+
+    BUG/MINOR: protocol_buffer: Wrong maximum shifting.
+    
+    This patch fixes a bad stop condition when decoding a protocol buffer variable integer
+    whose maximum lenghts are 10, shifting a uint64_t value by more than 63.
+    
+    Thank you to Ilya for having reported this issue.
+    
+    Must be backported to 2.1 and 2.0.
+    
+    (cherry picked from commit 876ed55d9b8d0c298b6cac1003ec365a19bf7aad)
+    Signed-off-by: Willy Tarreau <w@1wt.eu>
+
+diff --git a/include/proto/protocol_buffers.h b/include/proto/protocol_buffers.h
+index 69f0bdf81..0426d83d2 100644
+--- a/include/proto/protocol_buffers.h
++++ b/include/proto/protocol_buffers.h
+@@ -158,7 +158,7 @@ protobuf_varint(uint64_t *val, unsigned char *pos, size_t len)
+               shift += 7;
+               /* The maximum length in bytes of a 64-bit encoded value is 10. */
+-              if (shift > 70)
++              if (shift > 63)
+                       return 0;
+       }
+@@ -194,7 +194,7 @@ protobuf_decode_varint(uint64_t *val, unsigned char **pos, size_t *len)
+               shift += 7;
+               /* The maximum length in bytes of a 64-bit encoded value is 10. */
+-              if (shift > 70)
++              if (shift > 63)
+                       return 0;
+       }
+@@ -227,7 +227,7 @@ protobuf_skip_varint(unsigned char **pos, size_t *len, size_t vlen)
+               shift += 7;
+               /* The maximum length in bytes of a 64-bit encoded value is 10. */
+-              if (shift > 70)
++              if (shift > 63)
+                       return 0;
+       }
+@@ -263,7 +263,7 @@ protobuf_varint_getlen(unsigned char *pos, size_t len)
+               shift += 7;
+               /* The maximum length in bytes of a 64-bit encoded value is 10. */
+-              if (shift > 70)
++              if (shift > 63)
+                       return -1;
+       }
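Review bot: The comment kept above each changed check in include/proto/protocol_buffers.h still only mentions the 10-byte maximum and does not explain why the bound is 63, so the link between the two numbers stays implicit. I would reword it in all four functions (protobuf_varint, protobuf_decode_varint, protobuf_skip_varint, protobuf_varint_getlen) to something like `/* A 64-bit varint has at most 10 bytes; an 11th would need a shift >= 64, which is undefined on a uint64_t. */`, and a single named constant for the limit would keep the four copies in step. The shift expression itself lies outside these hunks, so this is inferred, but on the tenth byte (shift 63) only the lowest data bit fits in a uint64_t and the remaining bits would be dropped silently rather than the over-long value being rejected; if these decoders handle peer-supplied data, that is worth confirming upstream. The bodies of all four functions start and end outside the hunks shown.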
diff --git a/net/haproxy/patches/000-OPENWRT-add-uclibc-support.patch b/net/haproxy/patches/000-OPENWRT-add-uclibc-support.patch
deleted file mode 100644 (file)
index 3a22ebb..0000000
+++ /dev/null
@@ -1,18 +0,0 @@
---- a/Makefile
-+++ b/Makefile
-@@ -339,6 +339,15 @@ ifeq ($(TARGET),linux-glibc)
-     USE_ACCEPT4 USE_LINUX_SPLICE USE_PRCTL USE_THREAD_DUMP USE_GETADDRINFO)
- endif
-+# For linux >= 2.6.28 and uclibc
-+ifeq ($(TARGET),linux-uclibc)
-+  set_target_defaults = $(call default_opts, \
-+    USE_POLL USE_TPROXY USE_DL USE_RT USE_NETFILTER                           \
-+    USE_CPU_AFFINITY USE_THREAD USE_EPOLL USE_FUTEX USE_LINUX_TPROXY          \
-+    USE_ACCEPT4 USE_LINUX_SPLICE USE_PRCTL USE_THREAD_DUMP USE_NS USE_TFO     \
-+    USE_GETADDRINFO)
-+endif
-+
- # Solaris 8 and above
- ifeq ($(TARGET),solaris)
-   # We also enable getaddrinfo() which works since solaris 8.
diff --git a/net/haproxy/patches/001-OPENWRT-add-uclibc-support.patch b/net/haproxy/patches/001-OPENWRT-add-uclibc-support.patch
new file mode 100644 (file)
index 0000000..ddec134
--- /dev/null
@@ -0,0 +1,18 @@
+--- a/Makefile
++++ b/Makefile
+@@ -342,6 +342,15 @@ ifeq ($(TARGET),linux-glibc)
+     USE_ACCEPT4 USE_LINUX_SPLICE USE_PRCTL USE_THREAD_DUMP USE_GETADDRINFO)
+ endif
++# For linux >= 2.6.28 and uclibc
++ifeq ($(TARGET),linux-uclibc)
++  set_target_defaults = $(call default_opts, \
++    USE_POLL USE_TPROXY USE_DL USE_RT USE_NETFILTER                           \
++    USE_CPU_AFFINITY USE_THREAD USE_EPOLL USE_FUTEX USE_LINUX_TPROXY          \
++    USE_ACCEPT4 USE_LINUX_SPLICE USE_PRCTL USE_THREAD_DUMP USE_NS USE_TFO     \
++    USE_GETADDRINFO)
++endif
++
+ # Solaris 8 and above
+ ifeq ($(TARGET),solaris)
+   # We also enable getaddrinfo() which works since solaris 8.