upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-02-25 19:00:48 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 12

BUILD: ssl_sock: fix null dereference for QUIC build

Browse source 
A previous commit tries to fix uninitialized GCC warning on ssl code for
QUIC build. See the fix here :
  48e46f98cc
  BUILD: ssl_sock: bind_conf uninitialized in ssl_sock_bind_verifycbk()

However, this is incomplete as it still reports possible NULL
dereference on ctx variable (GCC v12.2.0). Here is the compilation
result :

  src/ssl_sock.c: In function ‘ssl_sock_bind_verifycbk’:
  src/ssl_sock.c:1739:12: error: potential null pointer dereference [-Werror=null-dereference]
   1739 |         ctx->xprt_st |= SSL_SOCK_ST_FL_VERIFY_DONE;
        |

To fix this, remove check on qc which can also never happens and replace
it with a BUG_ON. This seems to satisfy GCC on my machine.

This must be backported up to 2.6.
This commit is contained in:
Amaury Denoyelle 2022-10-17 18:46:49 +02:00
parent 74a9eb5216
commit ba303deadc
1 changed files with 3 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
src/ssl_sock.c
View file

@ -1727,10 +1727,9 @@ int ssl_sock_bind_verifycbk(int ok, X509_STORE_CTX *x_store)
#ifdef USE_QUIC
else {
qc = SSL_get_ex_data(ssl, ssl_qc_app_data_index);
if (qc) {
bind_conf = qc->li->bind_conf;
ctx = qc->xprt_ctx;
}
BUG_ON(!qc); /* Must never happen */
bind_conf = qc->li->bind_conf;
ctx = qc->xprt_ctx;
}
#endif