[master] cd2cfbd52 Make incomplete commands in -I cli_file a fatal error.

Poul-Henning Kamp phk at FreeBSD.org
Wed Oct 11 07:36:11 UTC 2023 

commit cd2cfbd522f7dd2dd143e6c0a191ddc73da8f8d9
Author: Poul-Henning Kamp <phk at FreeBSD.org>
Date:   Wed Oct 11 07:34:33 2023 +0000

    Make incomplete commands in -I cli_file a fatal error.
    
    Fixes: 3995

diff --git a/bin/varnishd/mgt/mgt_cli.c b/bin/varnishd/mgt/mgt_cli.c
index 21d6bc2d3..c3cada3d9 100644
--- a/bin/varnishd/mgt/mgt_cli.c
+++ b/bin/varnishd/mgt/mgt_cli.c
@@ -341,8 +341,11 @@ mgt_cli_cb_after(const struct cli *cli)
 
 	MGT_Complain(C_CLI, "CLI %s Wr %03u %s",
 	    cli->ident, cli->result, VSB_data(cli->sb));
-	if (cli->priv == stderr &&
-	    cli->result != CLIS_OK && *VSB_data(cli->cmd) != '-') {
+	if (cli->priv != stderr)
+		return;
+	if (cli->result == CLIS_TRUNCATED)
+		ARGV_ERR("-I file had incomplete CLI command at the end\n");
+	if (cli->result != CLIS_OK && *VSB_data(cli->cmd) != '-') {
 		ARGV_ERR("-I file CLI command failed (%d)\n%s\n",
 		    cli->result, VSB_data(cli->sb));
 	}
diff --git a/bin/varnishtest/tests/u00000.vtc b/bin/varnishtest/tests/u00000.vtc
index 11cbdb4a0..8efeb3bc0 100644
--- a/bin/varnishtest/tests/u00000.vtc
+++ b/bin/varnishtest/tests/u00000.vtc
@@ -169,3 +169,23 @@ shell -err -expect {Cannot read -f file} {
 }
 
 # varnishd -spersistent is tested in p00000.vtc
+
+# Test that incomplete CLI commands in -I causes failure
+
+process p1 {
+	echo -n foobar > ${tmpdir}/_foobar
+	exec varnishd -n ${tmpdir}/v0 -d -a :0 -I ${tmpdir}/_foobar 2>&1
+} -expect-exit 2 -start
+
+process p1 -expect-text 0 0 "-I file had incomplete CLI command at the end"
+process p1 -screen-dump
+process p1 -wait
+
+process p1 {
+	echo 'foobar << blabla > ${tmpdir}/_foobar
+	exec varnishd -n ${tmpdir}/v0 -d -a :0 -I ${tmpdir}/_foobar 2>&1
+} -expect-exit 2 -start
+
+process p1 -expect-text 0 0 "-I file had incomplete CLI command at the end"
+process p1 -screen-dump
+process p1 -wait
diff --git a/lib/libvarnish/vcli_serve.c b/lib/libvarnish/vcli_serve.c
index 40b46947f..9dee27e36 100644
--- a/lib/libvarnish/vcli_serve.c
+++ b/lib/libvarnish/vcli_serve.c
@@ -522,6 +522,13 @@ cls_close_fd(struct VCLS *cs, struct VCLS_fd *cfd)
 	CHECK_OBJ_NOTNULL(cfd, VCLS_FD_MAGIC);
 
 	VTAILQ_REMOVE(&cs->fds, cfd, list);
+	if (cfd->cli->cmd != NULL) {
+		(void)VSB_finish(cfd->cli->cmd);
+		cfd->cli->result = CLIS_TRUNCATED;
+		if (cs->after != NULL)
+			cs->after(cfd->cli);
+		VSB_destroy(&cfd->cli->cmd);
+	}
 	cs->nfd--;
 	VSB_destroy(&cfd->cli->sb);
 	if (cfd->closefunc != NULL)

More information about the varnish-commit mailing list