mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2026-03-06 15:41:36 +01:00
Code Issues Projects Releases Wiki Activity

MINOR: ssl: check allocation in parse ciphers/ciphersuites/verifyhost

Browse Source 
These checks are especially required now as this function will be used
at runtime for dynamic servers.
This commit is contained in:
Amaury Denoyelle 2021-05-19 14:57:04 +02:00
parent 949c94e462
commit cbbf87f119
1 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
src/cfgparse-ssl.c
View File

@ -1414,6 +1414,12 @@ static int srv_parse_ciphers(char **args, int *cur_arg, struct proxy *px, struct
free(newsrv->ssl_ctx.ciphers);
newsrv->ssl_ctx.ciphers = strdup(args[*cur_arg + 1]);
if (!newsrv->ssl_ctx.ciphers) {
memprintf(err, "'%s' : not enough memory", args[*cur_arg]);
return ERR_ALERT | ERR_FATAL;
}
return 0;
}
@ -1428,6 +1434,12 @@ static int srv_parse_ciphersuites(char **args, int *cur_arg, struct proxy *px, s
free(newsrv->ssl_ctx.ciphersuites);
newsrv->ssl_ctx.ciphersuites = strdup(args[*cur_arg + 1]);
if (!newsrv->ssl_ctx.ciphersuites) {
memprintf(err, "'%s' : not enough memory", args[*cur_arg]);
return ERR_ALERT | ERR_FATAL;
}
return 0;
}
#endif
@ -1641,6 +1653,11 @@ static int srv_parse_verifyhost(char **args, int *cur_arg, struct proxy *px, str
free(newsrv->ssl_ctx.verify_host);
newsrv->ssl_ctx.verify_host = strdup(args[*cur_arg + 1]);
if (!newsrv->ssl_ctx.verify_host) {
memprintf(err, "'%s' : not enough memory", args[*cur_arg]);
return ERR_ALERT | ERR_FATAL;
}
return 0;
}