From e4aea34f342caff3021703fc2bf963881343e29c Mon Sep 17 00:00:00 2001
From: Zhang Jun
Date: Tue, 18 Oct 2022 17:44:14 +0800
Subject: [PATCH] Sync upstream patches
---
 ...r-memory-leaks-when-configuration-is.patch | 80 ++++++++++
 ...e-last-entry-if-duplicate-definition.patch | 139 ++++++++++++++++++
 keepalived.spec | 11 +-
 3 files changed, 229 insertions(+), 1 deletion(-)
 create mode 100644 check-fix-further-memory-leaks-when-configuration-is.patch
 create mode 100644 check-use-last-entry-if-duplicate-definition.patch
diff --git a/check-fix-further-memory-leaks-when-configuration-is.patch b/check-fix-further-memory-leaks-when-configuration-is.patch
new file mode 100644
index 0000000..7fefe77
--- /dev/null
+++ b/check-fix-further-memory-leaks-when-configuration-is.patch
@@ -0,0 +1,80 @@
+From 4b269f8131591e3067b54dc1f587592bfca10fba Mon Sep 17 00:00:00 2001
+From: Quentin Armitage
+Date: Tue, 26 Jul 2022 09:42:01 +0100
+Subject: [PATCH] check: fix further memory leaks when configuration is
+ repeated
+
+Signed-off-by: Quentin Armitage
+---
+ keepalived/check/check_http.c | 9 +++++++--
+ keepalived/check/check_parser.c | 6 +-----
+ keepalived/check/check_smtp.c | 4 +++-
+ 3 files changed, 11 insertions(+), 8 deletions(-)
+
+diff --git a/keepalived/check/check_http.c b/keepalived/check/check_http.c
+index 805b6557..9b9ed1df 100644
+--- a/keepalived/check/check_http.c
++++ b/keepalived/check/check_http.c
+@@ -504,7 +504,7 @@ url_handler(__attribute__((unused)) const vector_t *strvec)
+ static void
+ path_handler(const vector_t *strvec)
+ {
+- current_url->path = set_value(strvec);
++ set_string(¤t_url->path, strvec, "path");
+ }
+
+ static void
+@@ -618,11 +618,16 @@ regex_handler(__attribute__((unused)) const vector_t *strvec)
+ const vector_t *strvec_qe = alloc_strvec_quoted_escaped(NULL);
+
+ if (vector_size(strvec_qe) != 2) {
+- log_message(LOG_INFO, "regex missing or too many fields");
++ report_config_error(CONFIG_GENERAL_ERROR, "regex missing or too many fields");
+ free_strvec(strvec_qe);
+ return;
+ }
+
++ if (conf_regex_pattern) {
++ report_config_error(CONFIG_GENERAL_ERROR, "Duplicate regex specified - replacing %s with %s", conf_regex_pattern, strvec_slot(strvec, 1));
++ FREE_CONST_PTR(conf_regex_pattern);
++ }
++
+ conf_regex_pattern = PTR_CAST_CONST(unsigned char, set_value(strvec_qe));
+ free_strvec(strvec_qe);
+ }
+diff --git a/keepalived/check/check_parser.c b/keepalived/check/check_parser.c
+index 4ec266a8..a5555113 100644
+--- a/keepalived/check/check_parser.c
++++ b/keepalived/check/check_parser.c
+@@ -79,11 +79,7 @@ handle_ssl_file(const vector_t *strvec, const char **file_name, const char *type
+ return;
+ }
+
+- if (*file_name) {
+- report_config_error(CONFIG_GENERAL_ERROR, "SSL %s already specified - replacing", type);
+- FREE_CONST(*file_name);
+- }
+- *file_name = set_value(strvec);
++ set_string(file_name, strvec, "SSL");
+ }
+
+ static void
+diff --git a/keepalived/check/check_smtp.c b/keepalived/check/check_smtp.c
+index c9846145..50996833 100644
+--- a/keepalived/check/check_smtp.c
++++ b/keepalived/check/check_smtp.c
+@@ -277,8 +277,10 @@ smtp_helo_name_handler(const vector_t *strvec)
+ return;
+ }
+
+- if (smtp_checker->helo_name)
++ if (smtp_checker->helo_name) {
++ report_config_error(CONFIG_GENERAL_ERROR, "SMTP_CHECK helo name already specified");
+ FREE_CONST(smtp_checker->helo_name);
++ }
+
+ smtp_checker->helo_name = set_value(strvec);
+ }
+--
+2.25.1
+
diff --git a/check-use-last-entry-if-duplicate-definition.patch b/check-use-last-entry-if-duplicate-definition.patch
new file mode 100644
index 0000000..33aebbb
--- /dev/null
+++ b/check-use-last-entry-if-duplicate-definition.patch
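Review bot: In the check_parser.c hunk, routing handle_ssl_file through `set_string(file_name, strvec, "SSL")` changes what a duplicate entry logs: the removed branch named only the `type`, whereas set_string (added by the other patch in this commit) prints the old and the new value and no longer says which SSL item was repeated. handle_ssl_file's callers are outside the hunk; if one of them stores the SSL key password through it, a repeated entry would put both passwords in the log, so I would keep a value-free message here, i.e. `report_config_error(CONFIG_GENERAL_ERROR, "SSL %s already specified - replacing", type); FREE_CONST(*file_name);` ahead of `*file_name = set_value(strvec);`. In regex_handler the new message reads `strvec_slot(strvec, 1)` although the size check and the stored value both use `strvec_qe`, and `strvec` is still marked `unused` in the signature; `strvec_slot(strvec_qe, 1)` would be covered by the check and would report what is actually stored.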
@@ -0,0 +1,139 @@
+From 014f037b219d328d501ac90cc046efa9b84b3a32 Mon Sep 17 00:00:00 2001
+From: Quentin Armitage
+Date: Mon, 25 Jul 2022 18:06:24 +0100
+Subject: [PATCH] check: use last entry if duplicate definition
+
+Commits 8a3f145 - "fix mem leaks when virtualhost and snmp_name
+are duplicate" and 86bbb2e - "fix mem leaks when virtualhost is
+duplicate" changed the behaviour of virtualhost and snmp_name
+configuration if there were duplicate definitions to use the
+first defined entry, whereas previously the last defined entry
+was used, albeit with a memory leak.
+
+This commit retains the memory leak fixes, but reverts the
+behaviour to use the last definition rather than the first.
+
+Signed-off-by: Quentin Armitage
+---
+ keepalived/check/check_http.c | 10 ++--------
+ keepalived/check/check_parser.c | 20 ++++----------------
+ lib/parser.c | 10 ++++++++++
+ lib/parser.h | 1 +
+ 4 files changed, 17 insertions(+), 24 deletions(-)
+
+diff --git a/keepalived/check/check_http.c b/keepalived/check/check_http.c
+index e0d1297f..805b6557 100644
+--- a/keepalived/check/check_http.c
++++ b/keepalived/check/check_http.c
+@@ -466,10 +466,7 @@ virtualhost_handler(const vector_t *strvec)
+ return;
+ }
+
+- if (!http_get_chk->virtualhost)
+- http_get_chk->virtualhost = set_value(strvec);
+- else
+- report_config_error(CONFIG_GENERAL_ERROR, "Duplicate virtualhost %s - ignoring", strvec_slot(strvec, 1));
++ set_string(&http_get_chk->virtualhost, strvec, "virtualhost");
+ }
+
+ static void
+@@ -588,10 +585,7 @@ url_virtualhost_handler(const vector_t *strvec)
+ return;
+ }
+
+- if (!current_url->virtualhost)
+- current_url->virtualhost = set_value(strvec);
+- else
+- report_config_error(CONFIG_GENERAL_ERROR, "Duplicate url virtualhost %s - ignoring", strvec_slot(strvec, 1));
++ set_string(¤t_url->virtualhost, strvec, "url virtualhost");
+ }
+
+ static void
+diff --git a/keepalived/check/check_parser.c b/keepalived/check/check_parser.c
+index 34c92382..4ec266a8 100644
+--- a/keepalived/check/check_parser.c
++++ b/keepalived/check/check_parser.c
+@@ -608,10 +608,7 @@ vs_virtualhost_handler(const vector_t *strvec)
+ return;
+ }
+
+- if (!current_vs->virtualhost)
+- current_vs->virtualhost = set_value(strvec);
+- else
+- report_config_error(CONFIG_GENERAL_ERROR, "Duplicate vs virtualhost %s - ignoring", strvec_slot(strvec, 1));
++ set_string(¤t_vs->virtualhost, strvec, "vs virtualhost");
+ }
+
+ #ifdef _WITH_SNMP_CHECKER_
+@@ -624,10 +621,7 @@ vs_snmp_name_handler(const vector_t *strvec)
+ return;
+ }
+
+- if (!current_vs->snmp_name)
+- current_vs->snmp_name = set_value(strvec);
+- else
+- report_config_error(CONFIG_GENERAL_ERROR, "Duplicate vs snmp_name %s - ignoring", strvec_slot(strvec, 1));
++ set_string(¤t_vs->snmp_name, strvec, "vs snmp_name");
+ }
+ #endif
+
+@@ -853,10 +847,7 @@ rs_virtualhost_handler(const vector_t *strvec)
+ return;
+ }
+
+- if (!current_rs->virtualhost)
+- current_rs->virtualhost = set_value(strvec);
+- else
+- report_config_error(CONFIG_GENERAL_ERROR, "Duplicate rs virtualhost %s - ignoring", strvec_slot(strvec, 1));
++ set_string(¤t_rs->virtualhost, strvec, "rs virtualhost");
+ }
+
+ #ifdef _WITH_SNMP_CHECKER_
+@@ -868,10 +859,7 @@ rs_snmp_name_handler(const vector_t *strvec)
+ return;
+ }
+
+- if (!current_rs->snmp_name)
+- current_rs->snmp_name = set_value(strvec);
+- else
+- report_config_error(CONFIG_GENERAL_ERROR, "Duplicate rs snmp_name %s - ignoring", strvec_slot(strvec, 1));
++ set_string(¤t_rs->snmp_name, strvec, "rs snmp_name");
+ }
+ #endif
+
+diff --git a/lib/parser.c b/lib/parser.c
+index cb2a8312..db12e602 100644
+--- a/lib/parser.c
++++ b/lib/parser.c
+@@ -805,6 +805,16 @@ read_hex_str(const char *str, uint8_t **data, uint8_t **data_mask)
+ return len;
+ }
+
++void
++set_string(const char **var, const vector_t *strvec, const char *param_name)
++{
++ if (*var) {
++ report_config_error(CONFIG_GENERAL_ERROR, "Duplicate %s - overwriting %s with %s", param_name, *var, strvec_slot(strvec, 1));
++ FREE_CONST_PTR(*var);
++ }
++ *var = set_value(strvec);
++}
++
+ void
+ set_random_seed(unsigned int seed)
+ {
+diff --git a/lib/parser.h b/lib/parser.h
+index ed61e67f..10a6513c 100644
+--- a/lib/parser.h
++++ b/lib/parser.h
+@@ -122,6 +122,7 @@ set_value_r(const vector_t *strvec)
+ #endif
+
+ /* Prototypes */
++extern void set_string(const char **, const vector_t *, const char *);
+ extern void report_config_error(config_err_t, const char *format, ...)
+ __attribute__((format (printf, 2, 3)));
+ extern void use_disk_copy_for_config(const char *);
+--
+2.25.1
+
diff --git a/keepalived.spec b/keepalived.spec
index e551ba3..66f9e4e 100644
--- a/keepalived.spec
+++ b/keepalived.spec
@@ -9,7 +9,7 @@ Name: keepalived
 Version: 2.2.4
-Release: 2
+Release: 3
 Summary: High Availability monitor built upon LVS, VRRP and service pollers
 License: GPLv2+
 URL: http://www.keepalived.org/
@@ -17,6 +17,8 @@ Source0: http://www.keepalived.org/software/keepalived-%{version}.tar.gz
 Source1: keepalived.service
 Patch0001: CVE-2021-44225.patch
+Patch0002: check-use-last-entry-if-duplicate-definition.patch
+Patch0003: check-fix-further-memory-leaks-when-configuration-is.patch
 BuildRequires: net-snmp-devel gcc systemd-units openssl-devel libnl3-devel
 BuildRequires: ipset-devel iptables-devel libnfnetlink-devel libnftnl-devel
@@ -92,6 +94,13 @@ install -Dd -m 0755 %{buildroot}%{_libexecdir}/keepalived %{_mandir}/man*
 %changelog
+* Wed Oct 19 2022 zhangjun-2.2.4-3
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:use last entry if duplicate definition
+ fix further memory leaks when configuration is repeated
+
 * Tue Mar 29 2022 kwb0523 - 2.2.4-2
 - Type:bugfix
 - ID:NA
--
Gitee
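Review bot: set_string() in lib/parser.c reads `strvec_slot(strvec, 1)` and calls set_value() with no size check of its own, so it is only safe if every caller has already rejected a short vector; the handlers in this patch show a `return;` just above each call, but the checks themselves are outside the hunks. As a newly exported helper it should carry a header comment stating that precondition, that it frees the previous `*var`, and that both the old and the new value are written to the configuration error log, which makes it unsuitable for settings that hold secrets. The prototype in lib/parser.h would also be clearer with parameter names: `extern void set_string(const char **var, const vector_t *strvec, const char *param_name);`.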