BUG/MINOR: ssl: fix a trash buffer leak in some error cases

Fix a trash buffer leak when we can't take the lock of the ckch, or when
"set ssl cert" is wrongly used.

The bug was mentionned in this thread:
https://www.mail-archive.com/haproxy@formilux.org/msg37539.html

The bug was introduced by commit bc6ca7c ("MINOR: ssl/cli: rework 'set
ssl cert' as 'set/commit'").

Must be backported in 2.1.

(cherry picked from commit e5ff4addb2300db60f5a4d1f99abd54b4a1a94f6)
[wla: function cli_parse_set_cert() was moved in 2.2 and is in
src/ssl_sock.c in 2.1]
Signed-off-by: William Lallemand <wlallemand@haproxy.org>

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 6bbb1a3..565aeab 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -10327,9 +10327,6 @@ static int cli_parse_set_cert(char **args, char *payload, struct appctx *appctx,
        if (!cli_has_level(appctx, ACCESS_LVL_ADMIN))
                return 1;
 
-       if ((buf = alloc_trash_chunk()) == NULL)
-               return cli_err(appctx, "Can't allocate memory\n");
-
        if (!*args[3] || !payload)
                return cli_err(appctx, "'set ssl cert expects a filename and a certificat as a payload\n");
 
@@ -10338,6 +10335,9 @@ static int cli_parse_set_cert(char **args, char *payload, struct appctx *appctx,
        if (HA_SPIN_TRYLOCK(CKCH_LOCK, &ckch_lock))
                return cli_err(appctx, "Can't update the certificate!\nOperations on certificates are currently locked!\n");
 
+       if ((buf = alloc_trash_chunk()) == NULL)
+               return cli_err(appctx, "Can't allocate memory\n");
+
        if (!chunk_strcpy(buf, args[3])) {
                memprintf(&err, "%sCan't allocate memory\n", err ? err : "");
                errcode |= ERR_ALERT | ERR_FATAL;