mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2026-05-04 12:41:00 +02:00
Code Issues Projects Releases Wiki Activity

BUG/MINOR: ssl: Do not free garbage pointers on memory allocation failure

Browse Source 
In `ckch_inst_sni_ctx_to_sni_filters` use `calloc()` to allocate the filter
array. When the function fails to allocate memory for a single entry the
whole array will be `free()`d using free_sni_filters(). With the previous
`malloc()` the pointers for entries after the failing allocation could
possibly be a garbage value.

This bug was introduced in commit 38df1c8006a2adf97f4ad5a183f80cfdcba3da8a,
which is 2.2+. No backport needed.
This commit is contained in:
Tim Duesterhus 2020-03-19 16:12:09 +01:00 committed by William Lallemand
parent fdc7ee2173
commit 8c12025a7d
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/ssl_sock.c
View File

@ -3939,7 +3939,7 @@ static int ckch_inst_sni_ctx_to_sni_filters(const struct ckch_inst *ckchi, char
if (!tmp_fcount)
goto end;
tmp_filter = malloc(sizeof(*tmp_filter) * tmp_fcount);
tmp_filter = calloc(tmp_fcount, sizeof(*tmp_filter));
if (!tmp_filter) {
errcode |= ERR_FATAL|ERR_ALERT;
goto error;