mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2026-05-05 13:06:10 +02:00
Code Issues Projects Releases Wiki Activity

MINOR: quic-be: Avoid SSL context unreachable code without USE_QUIC_OPENSSL_COMPAT

Browse Source 
This commit added a "err" C label reachable only with USE_QUIC_OPENSSL_COMPAT:

   MINOR: quic-be: Missing callbacks initializations (USE_QUIC_OPENSSL_COMPAT)

leading coverity to warn this:

*** CID 1611481:         Control flow issues  (UNREACHABLE)
/src/quic_ssl.c: 802             in ssl_quic_srv_new_ssl_ctx()
796     		goto err;
797     #endif
798
799      leave:
800     	TRACE_LEAVE(QUIC_EV_CONN_NEW);
801     	return ctx;
>>>     CID 1611481:         Control flow issues  (UNREACHABLE)
>>>     This code cannot be reached: "err:
SSL_CTX_free(ctx);".
802      err:
803     	SSL_CTX_free(ctx);
804     	ctx = NULL;
805     	TRACE_DEVEL("leaving on error", QUIC_EV_CONN_NEW);
806     	goto leave;
807     }

The less intrusive (without #ifdef) way to fix this it to add a "goto err"
statement from the code part which is reachable without USE_QUIC_OPENSSL_COMPAT.

Thank you to @chipitsine for having reported this issue in GH #3003.
This commit is contained in:
Frederic Lecaille 2025-06-12 11:17:18 +02:00
parent 869fb457ed
commit 5a0ae9e9be
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/quic_ssl.c
View File

@ -785,7 +785,7 @@ SSL_CTX *ssl_quic_srv_new_ssl_ctx(void)
ctx = SSL_CTX_new(TLS_client_method());
if (!ctx) {
TRACE_ERROR("Could not allocate a new TLS context", QUIC_EV_CONN_NEW);
goto leave;
goto err;
}
SSL_CTX_set_options(ctx, options);