Bug ID 500652: Dynamic ACL failing with parsing error ERR_PARSER_MULTIPLE_STARTING_CURLY_BRACE, failure/success alternates each time on access

Last Modified: Apr 10, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4

Opened: Jan 13, 2015
Severity: 3-Major

Symptoms

Session variable set from irule is sometimes corrupted for processing during access policy.

Impact

Alternates between success and failure.

Conditions

Start -> irule event -> DACL load success -> message box ACL load success -> deny failure -> message box ACL load failure -> deny The irule sets a session variable (DACL data) from a plain static block of text. When we look at sessiondump, we can see that the affected acl sessvar has partially truncated data that fails during the DACL parsing.

Workaround

Split the big ACL into multiple smaller ones.

Fix Information

None

Behavior Change