From 8cb033643ff3235ac0d3887167ce06fefeaf850b Mon Sep 17 00:00:00 2001
From: Remi Tricot-Le Breton <rlebreton@haproxy.com>
Date: Mon, 17 May 2021 10:08:16 +0200
Subject: [PATCH] BUG/MINOR: http: Missing calloc return value check while
 parsing tcp-request rule

A memory allocation failure happening in tcp_parse_request_rule while
processing the "capture" keyword and trying to allocate a cap_hdr
structure would have resulted in a crash. This function is only called
during configuration parsing.

It was raised in GitHub issue #1233.
It could be backported to all stable branches.
---
 src/tcp_rules.c |    5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/tcp_rules.c b/src/tcp_rules.c
index edc287b..bbd5820 100644
--- a/src/tcp_rules.c
+++ b/src/tcp_rules.c
@@ -826,6 +826,11 @@ static int tcp_parse_request_rule(char **args, int arg, int section_type,
 		}
 
 		hdr = calloc(1, sizeof(*hdr));
+		if (!hdr) {
+			memprintf(err, "parsing [%s:%d] : out of memory", file, line);
+			release_sample_expr(expr);
+			return -1;
+		}
 		hdr->next = curpx->req_cap;
 		hdr->name = NULL; /* not a header capture */
 		hdr->namelen = 0;
-- 
1.7.10.4