It is not really an issue, but the "check-sni" value inerited from a default
server is not duplicated while the paramter value is duplicated during the
parsing. So here there is a small leak if several "check-sni" parameters are
used on the same server line. The previous value is never released. But to
fix this issue, the value inherited from the default server must also be
duplicated. At the end it is safer this way and consistant with the parsing
of the "sni" parameter.
It is harmless so there is no reason to backport this patch.
return ERR_ALERT | ERR_FATAL;
}
+ free(newsrv->check.sni);
newsrv->check.sni = strdup(args[*cur_arg + 1]);
if (!newsrv->check.sni) {
memprintf(err, "'%s' : failed to allocate memory", args[*cur_arg]);
}
ha_free(&check->pool_conn_name);
+ ha_free(&check->sni);
ha_free(&check->alpn_str);
task_destroy(check->task);
srv->agent.addr = src->agent.addr;
srv->check.use_ssl = src->check.use_ssl;
srv->check.port = src->check.port;
- srv->check.sni = src->check.sni;
+ if (src->check.sni != NULL)
+ srv->check.sni = strdup(src->check.sni);
if (src->check.alpn_str) {
srv->check.alpn_str = malloc(src->check.alpn_len);
if (srv->check.alpn_str) {
projects / thirdparty / haproxy.git / commitdiff
