From: Alexander Stephan <alexander.stephan@sap.com>
Date: Mon, 1 Sep 2025 09:51:19 +0000 (+0000)
Subject: BUG/MINOR: cfgparse: Add OOM check for calloc() in cfg_parse_listen()
X-Git-Tag: v3.3-dev8~45
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=73f9a75894c660dd034439e0bc343aa00489dbc9;p=thirdparty%2Fhaproxy.git

BUG/MINOR: cfgparse: Add OOM check for calloc() in cfg_parse_listen()

This commit adds a missing out-of-memory (OOM) check
after the call to `calloc()` in `cfg_parse_listen()`.
If memory allocation fails, an alert is logged, error
codes are set, and parsing is aborted to prevent
undefined behavior.

Co-authored-by: Christian Norbert Menges <christian.norbert.menges@sap.com>
---

diff --git a/src/cfgparse-listen.c b/src/cfgparse-listen.c
index b0d24be3a..748ab696d 100644
--- a/src/cfgparse-listen.c
+++ b/src/cfgparse-listen.c
@@ -2029,6 +2029,12 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm)
 					len += strlen(args[i]) + 1;
 
 				desc = d = calloc(1, len);
+				if (unlikely(!d)) {
+					ha_alert("parsing [%s:%d]: '%s %s' : memory allocation failed\n",
+							 file, linenum, args[0], args[1]);
+					err_code |= ERR_ALERT | ERR_FATAL;
+					goto out;
+				}
 
 				d += snprintf(d, desc + len - d, "%s", args[2]);
 				for (i = 3; *args[i]; i++)