From b77cb98b780d4bdd9eb9ebf62a75cefbf21d4103 Mon Sep 17 00:00:00 2001 From: Eric Salama Date: Tue, 23 Feb 2021 16:50:57 +0100 Subject: [PATCH] BUG/MINOR: ssl: potential null pointer dereference in ckchs_dup() A potential null pointer dereference was reported with an old gcc version (6.5) src/ssl_ckch.c: In function 'cli_parse_set_cert': src/ssl_ckch.c:844:7: error: potential null pointer dereference [-Werror=null-dereference] if (!ssl_sock_copy_cert_key_and_chain(src->ckch, dst->ckch)) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ src/ssl_ckch.c:844:7: error: potential null pointer dereference [-Werror=null-dereference] src/ssl_ckch.c: In function 'ckchs_dup': src/ssl_ckch.c:844:7: error: potential null pointer dereference [-Werror=null-dereference] if (!ssl_sock_copy_cert_key_and_chain(src->ckch, dst->ckch)) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ src/ssl_ckch.c:844:7: error: potential null pointer dereference [-Werror=null-dereference] This could happen if ckch_store_new() fails to allocate memory and returns NULL. This patch must be backported with 8f71298 since it was wrongly fixed and the bug could happen. Must be backported as far as 2.2. (cherry picked from commit 6ac61e39c491f6ca5a1843c787da2e92818ee02a) Signed-off-by: William Lallemand --- src/ssl_ckch.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c index 8e97403..eeaa416 100644 --- a/src/ssl_ckch.c +++ b/src/ssl_ckch.c @@ -840,6 +840,8 @@ struct ckch_store *ckchs_dup(const struct ckch_store *src) return NULL; dst = ckch_store_new(src->path); + if (!dst) + return NULL; if (!ssl_sock_copy_cert_key_and_chain(src->ckch, dst->ckch)) goto error; -- 1.7.10.4