BUG/MINOR: http: Missing calloc return value check in parse_http_req_capture
author Remi Tricot-Le Breton <rlebreton@haproxy.com>
Wed, 12 May 2021 15:54:17 +0000 (17:54 +0200)
committer Christopher Faulet <cfaulet@haproxy.com>
Mon, 31 May 2021 13:27:01 +0000 (15:27 +0200)
A memory allocation failure happening in parse_http_req_capture while
processing a "len" keyword and allocating a cap_hdr structure would
have resulted in a crash. This function is only called during
configuration parsing.

It was raised in GitHub issue #1233.
It could be backported to all stable branches.

(cherry picked from commit a4bf8a059dd9c783c00680aedcf055faa4b5d784)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
(cherry picked from commit 737d8b5c7bbcc38152b5621715f6f34b94d6fc37)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>

src/http_act.c

index 246a39b..c9c9580 100644 (file)
@@ -632,6 +632,11 @@ static enum act_parse_ret parse_http_req_capture(const char **args, int *orig_ar
                cur_arg++;
 
                hdr = calloc(1, sizeof(*hdr));
+               if (!hdr) {
+                       memprintf(err, "out of memory");
+                       release_sample_expr(expr);
+                       return ACT_RET_PRS_ERR;
+               }
                hdr->next = px->req_cap;
                hdr->name = NULL; /* not a header capture */
                hdr->namelen = 0;
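
Review bot: The message set in the new `if (!hdr)` branch is a bare "out of memory", which gives whoever reads the configuration error no hint about which allocation or rule failed. Since this parser only runs at configuration load, consider adding context, for example "out of memory while allocating capture structure". The cleanup on this path matches what the visible lines need: `expr` is released before returning ACT_RET_PRS_ERR, and the early return keeps the `hdr->next = px->req_cap` assignment from dereferencing a NULL pointer. As a separate style point, the unchanged `hdr->name = NULL` and `hdr->namelen = 0` assignments are redundant after `calloc`, which already zeroes the structure; they are harmless and could be dropped in a later cleanup.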