From: William Lallemand <wlallemand@haproxy.com>
Date: Fri, 9 May 2025 17:01:28 +0000 (+0200)
Subject: BUG/MINOR: ssl/ckch: always free() the previous entry during parsing
X-Git-Tag: v3.2-dev16~45
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=311e0aa5c712f38700b7b185c0d5f1aa33c48613;p=thirdparty%2Fhaproxy.git

BUG/MINOR: ssl/ckch: always free() the previous entry during parsing

The ckch_conf_parse() function is the generic function which parses
crt-store keywords from the crt-store section, and also from a crt-list.

When having multiple time the same keyword, a leak of the previous value
happens. This patch ensure that the previous value is always freed
before overwriting it.

This patch should be backported as far as 3.0.
---

diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index ea60bd3f3..cf1357168 100644
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c
@@ -4870,6 +4870,7 @@ int ckch_conf_parse(char **args, int cur_arg, struct ckch_conf *f, int *found, c
 			if (ckch_conf_kws[i].type == PARSE_TYPE_STR) {
 				char **t = target;
 
+				ha_free(t);
 				*t = strdup(args[cur_arg + 1]);
 				if (!*t) {
 					ha_alert("parsing [%s:%d]: out of memory.\n", file, linenum);