Overview

File bsc-1228123.patch of Package keepalived.36072

--- keepalived-2.0.19/keepalived/core/global_parser.c.orig	2024-10-15 12:27:31.630500004 +0200
+++ keepalived-2.0.19/keepalived/core/global_parser.c	2024-10-15 12:34:23.901423436 +0200
@@ -846,11 +846,20 @@ static void
 vrrp_ipsets_handler(const vector_t *strvec)
 {
 	size_t len;
+	unsigned sn0, sn1;
+	const char **set_names[] = {
+		&global_data->vrrp_ipset_address,
+		&global_data->vrrp_ipset_address6,
+		&global_data->vrrp_ipset_address_iface6,
+		&global_data->vrrp_ipset_igmp,
+		&global_data->vrrp_ipset_mld,
+	};
+	global_data->using_ipsets = PARAMETER_UNSET;
 
 	if (vector_size(strvec) >= 2) {
 		if (strlen(strvec_slot(strvec,1)) >= sizeof(global_data->vrrp_ipset_address)-1) {
 			report_config_error(CONFIG_GENERAL_ERROR, "VRRP Error : ipset address name too long - ignored");
-			return;
+			goto ipset_error;
 		}
 		strcpy(global_data->vrrp_ipset_address, strvec_slot(strvec,1));
 	}
@@ -862,7 +871,7 @@ vrrp_ipsets_handler(const vector_t *strv
 	if (vector_size(strvec) >= 3) {
 		if (strlen(strvec_slot(strvec,2)) >= sizeof(global_data->vrrp_ipset_address6)-1) {
 			report_config_error(CONFIG_GENERAL_ERROR, "VRRP Error : ipset IPv6 address name too long - ignored");
-			return;
+			goto ipset_error;
 		}
 		strcpy(global_data->vrrp_ipset_address6, strvec_slot(strvec,2));
 	}
@@ -875,7 +884,7 @@ vrrp_ipsets_handler(const vector_t *strv
 	if (vector_size(strvec) >= 4) {
 		if (strlen(strvec_slot(strvec,3)) >= sizeof(global_data->vrrp_ipset_address_iface6)-1) {
 			report_config_error(CONFIG_GENERAL_ERROR, "VRRP Error : ipset IPv6 address_iface name too long - ignored");
-			return;
+			goto ipset_error;
 		}
 		strcpy(global_data->vrrp_ipset_address_iface6, strvec_slot(strvec,3));
 	}
@@ -891,7 +900,7 @@ vrrp_ipsets_handler(const vector_t *strv
 	if (vector_size(strvec) >= 5) {
 		if (strlen(strvec_slot(strvec,4)) >= sizeof(global_data->vrrp_ipset_igmp)-1) {
 			report_config_error(CONFIG_GENERAL_ERROR, "VRRP Error : ipset IGMP name too long - ignored");
-			return;
+			goto ipset_error;
 		}
 		strcpy(global_data->vrrp_ipset_igmp, strvec_slot(strvec,4));
 	}
@@ -904,7 +913,7 @@ vrrp_ipsets_handler(const vector_t *strv
 	if (vector_size(strvec) >= 6) {
 		if (strlen(strvec_slot(strvec,5)) >= sizeof(global_data->vrrp_ipset_mld)-1) {
 			report_config_error(CONFIG_GENERAL_ERROR, "VRRP Error : ipset MLD name too long - ignored");
-			return;
+			goto ipset_error;
 		}
 		strcpy(global_data->vrrp_ipset_mld, strvec_slot(strvec,5));
 	}
@@ -914,6 +923,23 @@ vrrp_ipsets_handler(const vector_t *strv
 		global_data->vrrp_ipset_mld[sizeof(global_data->vrrp_ipset_mld) - 5] = '\0';
 		strcat(global_data->vrrp_ipset_mld, "_mld");
 	}
+	/* Ensure all the set names are different */
+	for (sn0 = 0; sn0 < sizeof(set_names) / sizeof(set_names[0]) - 1; sn0++) {
+	        for (sn1 = sn0 + 1; sn1 < sizeof(set_names) / sizeof(set_names[0]); sn1++) {
+	                if (!strcmp(*set_names[sn0], *set_names[sn1])) {
+	                        report_config_error(CONFIG_GENERAL_ERROR, "vrrp_ipsets: set name %s used more than once", *set_names[sn0]);
+	                        goto ipset_error;
+	                }
+	        }
+	}
+	global_data->using_ipsets = true;
+	return;
+ipset_error:
+	FREE_CONST_PTR(global_data->vrrp_ipset_address);
+	FREE_CONST_PTR(global_data->vrrp_ipset_address6);
+	FREE_CONST_PTR(global_data->vrrp_ipset_address_iface6);
+	FREE_CONST_PTR(global_data->vrrp_ipset_igmp);
+	FREE_CONST_PTR(global_data->vrrp_ipset_mld);
 }
 #endif
 #endif
openSUSE Build Service is sponsored by
Places