upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-03-28 13:24:28 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

BUG/MINOR: ssl: Do not free garbage pointers on memory allocation failure

Browse source 
In `ckch_inst_sni_ctx_to_sni_filters` use `calloc()` to allocate the filter
array. When the function fails to allocate memory for a single entry the
whole array will be `free()`d using free_sni_filters(). With the previous
`malloc()` the pointers for entries after the failing allocation could
possibly be a garbage value.

This bug was introduced in commit 38df1c8006,
which is 2.2+. No backport needed.
This commit is contained in:
Tim Duesterhus 2020-03-19 16:12:09 +01:00 committed by William Lallemand
parent fdc7ee2173
commit 8c12025a7d
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/ssl_sock.c
View file

@ -3939,7 +3939,7 @@ static int ckch_inst_sni_ctx_to_sni_filters(const struct ckch_inst *ckchi, char
if (!tmp_fcount)
goto end;
tmp_filter = malloc(sizeof(*tmp_filter) * tmp_fcount);
tmp_filter = calloc(tmp_fcount, sizeof(*tmp_filter));
if (!tmp_filter) {
errcode |= ERR_FATAL|ERR_ALERT;
goto error;