BUG/MINOR: ssl_crtlist: handle a possible strdup() failure
authorIlia Shipitsin <chipitsine@gmail.com>
Tue, 3 Dec 2024 16:13:05 +0000 (17:13 +0100)
committerWilly Tarreau <w@1wt.eu>
Thu, 20 Mar 2025 10:22:17 +0000 (11:22 +0100)
This defect was found by the coccinelle script "unchecked-strdup.cocci".
It can be backported to all supported branches.

(cherry picked from commit ce30bc17305e4ac2dec7d641eedcb301a237d863)
Signed-off-by: Willy Tarreau <w@1wt.eu>
(cherry picked from commit f13318e2d28bcbd0929ab9e494cc52803c5db7d1)
Signed-off-by: Willy Tarreau <w@1wt.eu>

src/ssl_crtlist.c

index 48186c4..f19864f 100644 (file)
@@ -608,6 +608,11 @@ int crtlist_parse_file(char *file, struct bind_conf *bind_conf, struct proxy *cu
                                found++;
                                free(cc.crt);
                                cc.crt = strdup(crt_path);
+                               if (cc.crt == NULL) {
+                                       cfgerr |= ERR_ALERT | ERR_FATAL;
+                                       goto error;
+                               }
+
                                ckchs = ckch_store_new_load_files_conf(crt_path, &cc, err);
                                if (ckchs == NULL) {
                                        cfgerr |= ERR_ALERT | ERR_FATAL;