mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-20 21:31:28 +02:00
Code Issues Projects Releases Wiki Activity

BUG/MINOR: ssl: Fix potential NULL deref in trace callback

Browse Source 
'conn' might be NULL in the trace callback so the calls to
conn_err_code_str must be covered by a proper check.

This issue was found by Coverity and raised in GitHub #3112.
The patch must be backported to 3.2.
This commit is contained in:
Remi Tricot-Le Breton 2025-09-10 10:31:08 +02:00 committed by William Lallemand
parent a316342ec6
commit e0844a305c
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/ssl_trace.c
View File

@ -84,6 +84,7 @@ static void ssl_trace(enum trace_level level, uint64_t mask, const struct trace_
const struct ist where, const struct ist func, const struct ist where, const struct ist func,
const void *a1, const void *a2, const void *a3, const void *a4) const void *a1, const void *a2, const void *a3, const void *a4)
{ {
const char *errstr = NULL;
struct connection *conn = (struct connection*)a1; struct connection *conn = (struct connection*)a1;
if (src->verbosity <= SSL_VERB_CLEAN) if (src->verbosity <= SSL_VERB_CLEAN)
@ -93,6 +94,8 @@ static void ssl_trace(enum trace_level level, uint64_t mask, const struct trace_
struct proxy *px = conn_get_proxy(conn); struct proxy *px = conn_get_proxy(conn);
chunk_appendf(&trace_buf, " : [%c(%s)] conn=%p(0x%08x)", conn_is_back(conn) ? 'B' : 'F', chunk_appendf(&trace_buf, " : [%c(%s)] conn=%p(0x%08x)", conn_is_back(conn) ? 'B' : 'F',
px ? px->id : "", conn, conn->flags); px ? px->id : "", conn, conn->flags);
errstr = conn_err_code_str(conn);
} }
if (src->verbosity <= SSL_VERB_MINIMAL) if (src->verbosity <= SSL_VERB_MINIMAL)
@ -150,7 +153,7 @@ static void ssl_trace(enum trace_level level, uint64_t mask, const struct trace_
* error we had. */ * error we had. */
if (a3) { if (a3) {
const unsigned int *err_code = a3; const unsigned int *err_code = a3;
chunk_appendf(&trace_buf, " err_code=%u err_str=\"%s\"", *err_code, conn_err_code_str(conn)); chunk_appendf(&trace_buf, " err_code=%u err_str=\"%s\"", *err_code, errstr);
} }
if (a4) { if (a4) {
@ -165,7 +168,7 @@ static void ssl_trace(enum trace_level level, uint64_t mask, const struct trace_
if (mask & SSL_EV_CONN_ERR) { if (mask & SSL_EV_CONN_ERR) {
if (a3) { if (a3) {
const unsigned int *err_code = a3; const unsigned int *err_code = a3;
chunk_appendf(&trace_buf, " err_code=%u err_str=\"%s\"", *err_code, conn_err_code_str(conn)); chunk_appendf(&trace_buf, " err_code=%u err_str=\"%s\"", *err_code, errstr);
} }
if (a4) { if (a4) {
const unsigned int *ssl_err_code = a4; const unsigned int *ssl_err_code = a4;
@ -186,7 +189,7 @@ static void ssl_trace(enum trace_level level, uint64_t mask, const struct trace_
if (mask & SSL_EV_CONN_ERR) { if (mask & SSL_EV_CONN_ERR) {
if (a3) { if (a3) {
const unsigned int *err_code = a3; const unsigned int *err_code = a3;
chunk_appendf(&trace_buf, " err_code=%u err_str=\"%s\"", *err_code, conn_err_code_str(conn)); chunk_appendf(&trace_buf, " err_code=%u err_str=\"%s\"", *err_code, errstr);
} }
} else if (src->verbosity > SSL_VERB_SIMPLE) { } else if (src->verbosity > SSL_VERB_SIMPLE) {
if (a3) { if (a3) {