From: eaglegai <eaglegai@163.com>
Date: Fri, 26 May 2023 08:42:47 +0000 (+0800)
Subject: BUG/MINOR: ssl_sock: add check for ha_meth
X-Git-Tag: v2.8.0~23
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=15c3d20e315f1f06c9649ae598de86d61d41085b;p=thirdparty%2Fhaproxy.git

BUG/MINOR: ssl_sock: add check for ha_meth

in __ssl_sock_init, BIO_meth_new may failed and return NULL if
OPENSSL_zalloc failed.  in this case, ha_meth  will be NULL, and then
crash happens in  BIO_meth_set_write.  So, we add a check for ha_meth.
---

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index e637b0423a..ff0db9d1a1 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -7561,13 +7561,15 @@ static void __ssl_sock_init(void)
 	ERR_load_SSL_strings();
 #endif
 	ha_meth = BIO_meth_new(0x666, "ha methods");
-	BIO_meth_set_write(ha_meth, ha_ssl_write);
-	BIO_meth_set_read(ha_meth, ha_ssl_read);
-	BIO_meth_set_ctrl(ha_meth, ha_ssl_ctrl);
-	BIO_meth_set_create(ha_meth, ha_ssl_new);
-	BIO_meth_set_destroy(ha_meth, ha_ssl_free);
-	BIO_meth_set_puts(ha_meth, ha_ssl_puts);
-	BIO_meth_set_gets(ha_meth, ha_ssl_gets);
+	if (ha_meth != NULL) {
+		BIO_meth_set_write(ha_meth, ha_ssl_write);
+		BIO_meth_set_read(ha_meth, ha_ssl_read);
+		BIO_meth_set_ctrl(ha_meth, ha_ssl_ctrl);
+		BIO_meth_set_create(ha_meth, ha_ssl_new);
+		BIO_meth_set_destroy(ha_meth, ha_ssl_free);
+		BIO_meth_set_puts(ha_meth, ha_ssl_puts);
+		BIO_meth_set_gets(ha_meth, ha_ssl_gets);
+	}
 
 	HA_SPIN_INIT(&ckch_lock);