]> git.ipfire.org Git - thirdparty/haproxy.git/commit
projects / thirdparty / haproxy.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ff4a0f6) | patch
BUG/MINOR: ssl: fix crt-store load parsing
authorWilliam Lallemand <wlallemand@haproxy.com>
Wed, 17 Apr 2024 18:52:46 +0000 (20:52 +0200)
committerWilliam Lallemand <wlallemand@haproxy.com>
Wed, 17 Apr 2024 19:00:34 +0000 (21:00 +0200)
commit10224d72fd5b4c793d6eb9e6ce84e42203c81ad7
treeadbd256cbf465d117ca2b4c6c1080c8d07ecc315tree
parentff4a0f656211499e1098a5bdd03e65034c14c0b9commit | diff
BUG/MINOR: ssl: fix crt-store load parsing

The crt-store load line parser relies on offsets of member of the
ckch_conf struct. However the new "alias" keyword as an offset to
-1, because it does not need to be used. Plan was to handle it that way
in the parser, but it wasn't supported yet. So -1 was still used in an
offset computation which was not used, but ASAN could see the problem.

This patch fixes the issue by using a signed type for the offset value,
so any negative value would be skipped. It also introduced a
PARSE_TYPE_NONE for the parser.

No backport needed.
include/haproxy/ssl_ckch-t.h diff | blob | blame | history
src/ssl_ckch.c diff | blob | blame | history
Mirror of https://github.com/haproxy/haproxy.git