From d9c2214b030b9ab196317e0d5a823a2d1f625b45 Mon Sep 17 00:00:00 2001
From: William Lallemand
Date: Tue, 23 Feb 2021 14:45:45 +0100
Subject: [PATCH] BUG/MINOR: ssl/cli: potential null pointer dereference in "set ssl cert"

A potential null pointer dereference was reported with an old gcc version (6.5)
src/ssl_ckch.c: In function 'cli_parse_set_cert':
src/ssl_ckch.c:838:7: error: potential null pointer dereference [-Werror=null-dereference]
if (!ssl_sock_copy_cert_key_and_chain(src->ckch, dst->ckch))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
src/ssl_ckch.c:838:7: error: potential null pointer dereference [-Werror=null-dereference]
src/ssl_ckch.c: In function 'ckchs_dup':
src/ssl_ckch.c:838:7: error: potential null pointer dereference [-Werror=null-dereference]
if (!ssl_sock_copy_cert_key_and_chain(src->ckch, dst->ckch))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
src/ssl_ckch.c:838:7: error: potential null pointer dereference [-Werror=null-dereference]
cc1: all warnings being treated as errors
This case does not actually happen but it's better to fix the ckch API with a NULL check.
Could be backported as far as 2.1.
(cherry picked from commit 6c0961442c5e19a1bfc706374f96cfbd42feaeb2)
Signed-off-by: William Lallemand
(cherry picked from commit 8f71298de2fa153fa9855711b992f52cfb8fb1ff)
Signed-off-by: Christopher Faulet
(cherry picked from commit 1e5d84df6510c2fbac974c3372e46e027b56922c)
[cf: Changes applied in src/ssl_sock.c]
Signed-off-by: Christopher Faulet
---
 src/ssl_sock.c | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 6bf7ae9..2f6fce4 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -3037,6 +3037,9 @@ static void ssl_sock_free_cert_key_and_chain_contents(struct cert_key_and_chain
 static struct cert_key_and_chain *ssl_sock_copy_cert_key_and_chain(struct cert_key_and_chain *src,
 struct cert_key_and_chain *dst)
 {
+ if (!src || !dst)
+ return NULL;
+
 if (src->cert) {
 dst->cert = src->cert;
 X509_up_ref(src->cert);
@@ -3584,6 +3587,9 @@ static struct ckch_store *ckchs_dup(const struct ckch_store *src)
 struct ckch_store *dst;
 int pathlen;
 
+ if (!src)
+ return NULL;
+
 pathlen = strlen(src->path);
 dst = calloc(1, sizeof(*dst) + pathlen + 1);
 if (!dst)
-- 
1.7.10.4
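Review bot: The two new guards return the same NULL that callers already treat as a failure, and neither function documents that a NULL argument now produces it. This applies to the `if (!src || !dst) return NULL;` at the top of `ssl_sock_copy_cert_key_and_chain()` and to the `if (!src) return NULL;` in `ckchs_dup()`, where the visible `if (!dst)` after `calloc()` presumably returns NULL as well, so a caller cannot tell a bad argument from an allocation failure. Since the commit message says the case does not happen in practice, I would record the contract above each function, e.g. `/* Returns NULL when <src> or <dst> is NULL; callers must treat NULL as failure. */`, so that a future caller does not misreport a NULL argument as out-of-memory. Both function bodies continue outside the hunks, so the remaining error paths and their return values are not visible here.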