mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-08-07 07:37:02 +02:00
Code Issues Projects Releases Wiki Activity

MINOR: cfgparse-ssl: avoid a possible crash on OOM in ssl_bind_parse_npn()

Browse Source 
Upon out of memory condition at boot, we could possibly crash when
parsing the "npn" bind line keyword since it's used unchecked. There's
no real need to backport this though it will not hurt.
This commit is contained in:
Willy Tarreau 2022-12-29 11:11:02 +01:00
parent b5662519df
commit c57fb3be75
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/cfgparse-ssl.c
View File

@ -1016,6 +1016,11 @@ static int ssl_bind_parse_npn(char **args, int cur_arg, struct proxy *px, struct
*/ */
conf->npn_len = strlen(args[cur_arg + 1]) + 1; conf->npn_len = strlen(args[cur_arg + 1]) + 1;
conf->npn_str = calloc(1, conf->npn_len + 1); conf->npn_str = calloc(1, conf->npn_len + 1);
if (!conf->npn_str) {
memprintf(err, "out of memory");
return ERR_ALERT | ERR_FATAL;
}
memcpy(conf->npn_str + 1, args[cur_arg + 1], conf->npn_len); memcpy(conf->npn_str + 1, args[cur_arg + 1], conf->npn_len);
/* replace commas with the name length */ /* replace commas with the name length */