BUG/MINOR: http: Missing calloc return value check while parsing tcp-request rule

A memory allocation failure happening in tcp_parse_request_rule while
processing the "capture" keyword and trying to allocate a cap_hdr
structure would have resulted in a crash. This function is only called
during configuration parsing.

It was raised in GitHub issue #1233.
It could be backported to all stable branches.

(cherry picked from commit 8cb033643ff3235ac0d3887167ce06fefeaf850b)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
(cherry picked from commit 31d170c581e8e4f726d7a54288b969cd38dde4b5)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>

diff --git a/src/tcp_rules.c b/src/tcp_rules.c
index a23b8b6..c671ed9 100644 (file)
--- a/src/tcp_rules.c
+++ b/src/tcp_rules.c
@@ -820,6 +820,11 @@ static int tcp_parse_request_rule(char **args, int arg, int section_type,
                }
 
                hdr = calloc(1, sizeof(*hdr));
+               if (!hdr) {
+                       memprintf(err, "parsing [%s:%d] : out of memory", file, line);
+                       release_sample_expr(expr);
+                       return -1;
+               }
                hdr->next = curpx->req_cap;
                hdr->name = NULL; /* not a header capture */
                hdr->namelen = 0;