From: Tim Duesterhus <tim@bastelstu.be>
Date: Tue, 17 Mar 2020 20:08:24 +0000 (+0100)
Subject: BUG/MINOR: pattern: Do not pass len = 0 to calloc()
X-Git-Tag: v2.1.4~55
X-Git-Url: http://git.haproxy.org/?a=commitdiff_plain;h=87fc6517dcbc7e967c879cbd1e3af2b64df02123;p=haproxy-2.1.git

BUG/MINOR: pattern: Do not pass len = 0 to calloc()

The behavior of calloc() when being passed `0` as `nelem` is implementation
defined. It may return a NULL pointer.

Avoid this issue by checking before allocating. While doing so adjust the local
integer variables that are used to refer to memory offsets to `size_t`.

This issue was introced in commit f91ac19299fe216a793ba6550dca06b688b31549. This
patch should be backported together with that commit.

(cherry picked from commit b584b4475be09a20dea07f35c605487a1b73425e)
Signed-off-by: Willy Tarreau <w@1wt.eu>
---

diff --git a/src/pattern.c b/src/pattern.c
index 53856f5..743a309 100644
--- a/src/pattern.c
+++ b/src/pattern.c
@@ -2661,10 +2661,10 @@ static int cmp_pat_ref(const void *_a, const void *_b)
  */
 int pattern_finalize_config(void)
 {
-	int len = 0;
-	int unassigned_pos = 0;
+	size_t len = 0;
+	size_t unassigned_pos = 0;
 	int next_unique_id = 0;
-	int i, j;
+	size_t i, j;
 	struct pat_ref *ref, **arr;
 	struct list pr = LIST_HEAD_INIT(pr);
 
@@ -2677,6 +2677,10 @@ int pattern_finalize_config(void)
 			unassigned_pos++;
 	}
 
+	if (len == 0) {
+		return 0;
+	}
+
 	arr = calloc(len, sizeof(*arr));
 	if (arr == NULL) {
 		ha_alert("Out of memory error.\n");