mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-08-07 07:37:02 +02:00
Code Issues Projects Releases Wiki Activity

MINOR: ssl: check allocation in parse npn/sni

Browse Source 
These checks are especially required now as this function will be used
at runtime for dynamic servers.
This commit is contained in:
Amaury Denoyelle 2021-06-01 11:54:23 +02:00
parent cbbf87f119
commit 1f9333b30e
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/cfgparse-ssl.c
View File

@ -1270,6 +1270,11 @@ static int srv_parse_npn(char **args, int *cur_arg, struct proxy *px, struct ser
*/
newsrv->ssl_ctx.npn_len = strlen(args[*cur_arg + 1]) + 1;
newsrv->ssl_ctx.npn_str = calloc(1, newsrv->ssl_ctx.npn_len + 1);
if (!newsrv->ssl_ctx.npn_str) {
memprintf(err, "out of memory");
return ERR_ALERT | ERR_FATAL;
}
memcpy(newsrv->ssl_ctx.npn_str + 1, args[*cur_arg + 1],
newsrv->ssl_ctx.npn_len);
@ -1590,6 +1595,10 @@ static int srv_parse_sni(char **args, int *cur_arg, struct proxy *px, struct ser
free(newsrv->sni_expr);
newsrv->sni_expr = strdup(arg);
if (!newsrv->sni_expr) {
memprintf(err, "out of memory");
return ERR_ALERT | ERR_FATAL;
}
return 0;
#endif