BUG/MINOR: http: Missing calloc return value check while parsing tcp-request rule

A memory allocation failure happening in tcp_parse_request_rule while
processing the "capture" keyword and trying to allocate a cap_hdr
structure would have resulted in a crash. This function is only called
during configuration parsing.

It was raised in GitHub issue #1233.
It could be backported to all stable branches.

diff --git a/src/tcp_rules.c b/src/tcp_rules.c
index edc287b56c8e36eda329e416c27d0af8039a5348..bbd5820b4c0e30351c0206331a394f031f6ed50c 100644 (file)
--- a/src/tcp_rules.c
+++ b/src/tcp_rules.c
@@ -826,6 +826,11 @@ static int tcp_parse_request_rule(char **args, int arg, int section_type,
                }
 
                hdr = calloc(1, sizeof(*hdr));
+               if (!hdr) {
+                       memprintf(err, "parsing [%s:%d] : out of memory", file, line);
+                       release_sample_expr(expr);
+                       return -1;
+               }
                hdr->next = curpx->req_cap;
                hdr->name = NULL; /* not a header capture */
                hdr->namelen = 0;