Check the return value of the calloc() in ssl_sock_load_ocsp(); left
unchecked, a failed allocation could lead to a NULL dereference.
This was introduced by commit be2774d ("MEDIUM: ssl: Added support for
Multi-Cert OCSP Stapling").
Could be backported as far as 1.7.
(cherry picked from commit
a560c06af7d9ba68cb0e82d1d25652b9a6a5a336)
Signed-off-by: Willy Tarreau <w@1wt.eu>
(cherry picked from commit
ea22337f040fd563b5bd5457976d90568a0b4697)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
SSL_CTX_get_tlsext_status_cb(ctx, &callback);
if (!callback) {
- struct ocsp_cbk_arg *cb_arg = calloc(1, sizeof(*cb_arg));
+ struct ocsp_cbk_arg *cb_arg;
EVP_PKEY *pkey;
+ cb_arg = calloc(1, sizeof(*cb_arg));
+ if (!cb_arg)
+ goto out;
+
cb_arg->is_single = 1;
cb_arg->s_ocsp = iocsp;
iocsp->refcount++;
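Review bot: The new `goto out` taken when `calloc()` fails relies on the `out` label and on the return value set before it, and neither is visible in this hunk. It is worth confirming that this path reports failure to the caller; if it returned success, the certificate would presumably be loaded without an OCSP status callback and with no indication why. A one-line comment at the check would make the intent explicit, e.g. `/* allocation failed: leave through the common error path */`. If the function has a way to report a cause, an out-of-memory condition should be distinguishable from its other failure causes. The body of ssl_sock_load_ocsp() starts and ends outside the hunk.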