Fail on NULL IPs in VRT

This breaks the API since some functions didn't take a VRT_CTX until now. Closes #2860

Fail on NULL IPs in VRT
This breaks the API since some functions didn't take a VRT_CTX until now. Closes #2860
1a6af67c · Dridi Boukelmoune · 3cd5a993 · 1a6af67c · 1a6af67c · 1a6af67c
Commit 1a6af67c authored Jan 28, 2019 by Dridi Boukelmoune
5 changed files
--- a/bin/varnishd/cache/cache_backend.c
+++ b/bin/varnishd/cache/cache_backend.c
@@ -534,10 +534,12 @@ VRT_new_backend_clustered(VRT_CTX, struct vsmw_cluster *vc,
 	CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
 	CHECK_OBJ_NOTNULL(vrt, VRT_BACKEND_MAGIC);
-	if (vrt->path == NULL)
+	if (vrt->path == NULL) {
-		assert(vrt->ipv4_suckaddr != NULL ||
+		if (vrt->ipv4_suckaddr == NULL && vrt->ipv6_suckaddr == NULL) {
-		    vrt->ipv6_suckaddr != NULL);
+			VRT_fail(ctx, "%s: Illegal IP", __func__);
-	else
+			return (NULL);
+		}
+	} else
 		assert(vrt->ipv4_suckaddr == NULL &&
 		    vrt->ipv6_suckaddr == NULL);

--- a/bin/varnishd/cache/cache_vrt.c
+++ b/bin/varnishd/cache/cache_vrt.c
@@ -571,8 +571,10 @@ VRT_IP_string(VRT_CTX, VCL_IP ip)
 	unsigned len;
 	CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
-	if (ip == NULL)
+	if (ip == NULL) {
+		VRT_fail(ctx, "%s: Illegal IP", __func__);
 		return (NULL);
+	}
 	len = WS_ReserveAll(ctx->ws);
 	if (len == 0) {
 		WS_Release(ctx->ws, 0);
@@ -836,10 +838,15 @@ VRT_memmove(void *dst, const void *src, unsigned len)
 }
 VCL_BOOL
-VRT_ipcmp(VCL_IP sua1, VCL_IP sua2)
+VRT_ipcmp(VRT_CTX, VCL_IP sua1, VCL_IP sua2)
 {
-	if (sua1 == NULL || sua2 == NULL)
-		return (1);
+	CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
+	if (sua1 == NULL || sua2 == NULL) {
+		VRT_fail(ctx, "%s: Illegal IP", __func__);
+		return(1);
+	}
 	return (VSA_Compare_IP(sua1, sua2));
 }
@@ -851,6 +858,9 @@ VRT_blob(VRT_CTX, const char *err, const void *src, size_t len, unsigned type)
 {
 	struct vrt_blob *p;
+	CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
+	CHECK_OBJ_NOTNULL(ctx->ws, WS_MAGIC);
 	p = (void *)WS_Alloc(ctx->ws, sizeof *p);
 	if (p == NULL) {
 		VRT_fail(ctx, "Workspace overflow (%s)", err);
@@ -865,7 +875,16 @@ VRT_blob(VRT_CTX, const char *err, const void *src, size_t len, unsigned type)
 }
 int
-VRT_VSA_GetPtr(const struct suckaddr *sua, const unsigned char ** dst)
+VRT_VSA_GetPtr(VRT_CTX, const struct suckaddr *sua, const unsigned char ** dst)
 {
+	CHECK_OBJ_NOTNULL(ctx, VRT_CTX_MAGIC);
+	AN(dst);
+	if (sua == NULL) {
+		VRT_fail(ctx, "%s: Illegal IP", __func__);
+		*dst = NULL;
+		return (-1);
+	}
 	return (VSA_GetPtr(sua, dst));
 }
--- a/include/vrt.h
+++ b/include/vrt.h
@@ -60,6 +60,8 @@
 *	VRT_vcl_get moved to vcc_interface.h
 *	VRT_vcl_rel emoved to vcc_interface.h
 *	VRT_vcl_select emoved to vcc_interface.h
+ *	VRT_VSA_GetPtr() changed
+ *	VRT_ipcmp() changed
 *	[cache.h] WS_ReserveAll() added
 *	[cache.h] WS_Reserve(ws, 0) deprecated
 * 9.0 (2019-03-15)
@@ -67,8 +69,8 @@
 *	HTTP_Copy() removed
 *	HTTP_Dup() added
 *	HTTP_Clone() added
- *	changed type of VCL_BLOB to newly introduced struct vrt_blob *
+ *	VCL_BLOB changed to newly introduced struct vrt_blob *
- *	changed VRT_blob()
+ *	VRT_blob() changed
 *	req->req_bodybytes removed
 *	    use: AZ(ObjGetU64(req->wrk, req->body_oc, OA_LEN, &u));
 *	struct vdi_methods .list callback signature changed
@@ -447,7 +449,7 @@ VCL_VOID VRT_hashdata(VRT_CTX, const char *str, ...);
 /* Simple stuff */
 int VRT_strcmp(const char *s1, const char *s2);
 void VRT_memmove(void *dst, const void *src, unsigned len);
-VCL_BOOL VRT_ipcmp(VCL_IP, VCL_IP);
+VCL_BOOL VRT_ipcmp(VRT_CTX, VCL_IP, VCL_IP);
 VCL_BLOB VRT_blob(VRT_CTX, const char *, const void *, size_t, unsigned);
 VCL_VOID VRT_Rollback(VRT_CTX, VCL_HTTP);
@@ -513,7 +515,7 @@ VCL_BACKEND VRT_LookupDirector(VRT_CTX, VCL_STRING);
 void VRT_DelDirector(VCL_BACKEND *);
 /* Suckaddr related */
-int VRT_VSA_GetPtr(VCL_IP sua, const unsigned char ** dst);
+int VRT_VSA_GetPtr(VRT_CTX, VCL_IP sua, const unsigned char ** dst);
 typedef int vmod_event_f(VRT_CTX, struct vmod_priv *, enum vcl_event_e);

--- a/lib/libvcc/vcc_acl.c
+++ b/lib/libvcc/vcc_acl.c
@@ -364,7 +364,7 @@ vcc_acl_emit(struct vcc *tl, const char *name, const char *rname, int anon)
 	Fh(tl, 0, "\tconst unsigned char *a;\n");
 	Fh(tl, 0, "\tint fam;\n");
 	Fh(tl, 0, "\n");
-	Fh(tl, 0, "\tfam = VRT_VSA_GetPtr(p, &a);\n");
+	Fh(tl, 0, "\tfam = VRT_VSA_GetPtr(ctx, p, &a);\n");
 	Fh(tl, 0, "\tif (fam < 0) {\n");
 	Fh(tl, 0, "\t\tVRT_acl_log(ctx, \"NO_FAM %s\");\n", name);
 	Fh(tl, 0, "\t\treturn(0);\n");

--- a/lib/libvcc/vcc_expr.c
+++ b/lib/libvcc/vcc_expr.c
@@ -1067,8 +1067,8 @@ static const struct cmps vcc_cmps[] = {
 	{BOOL,		T_EQ,		cmp_simple, "((!(\v1)) == (!(\v2)))" },
 	{BOOL,		T_NEQ,		cmp_simple, "((!(\v1)) != (!(\v2)))" },
-	{IP,		T_EQ,		cmp_simple, "!VRT_ipcmp(\v1, \v2)" },
+	{IP,		T_EQ,		cmp_simple, "!VRT_ipcmp(ctx, \v1, \v2)" },
-	{IP,		T_NEQ,		cmp_simple, "VRT_ipcmp(\v1, \v2)" },
+	{IP,		T_NEQ,		cmp_simple, "VRT_ipcmp(ctx, \v1, \v2)" },
 	{IP,		'~',		cmp_acl, "" },
 	{IP,		T_NOMATCH,	cmp_acl, "!" },