From: William Lallemand <wlallemand@haproxy.com>
Date: Fri, 20 May 2016 15:28:07 +0000 (+0200)
Subject: BUG/MEDIUM: fix risk of segfault with "show tls-keys"
X-Git-Tag: v1.7-dev4~90
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=7bba4ccfb68b2fc0e76f51bcca7cdcb1388c4023;p=thirdparty%2Fhaproxy.git

BUG/MEDIUM: fix risk of segfault with "show tls-keys"

The reference to the tls_keys_ref was not deleted from the
tlskeys_reference linked list.

When the SSL is malconfigured, it can lead to an access to freed memory
during a "show tls-keys" on the admin socked.
---

diff --git a/src/cfgparse.c b/src/cfgparse.c
index fed5bd5377..d9afd843f7 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -8807,6 +8807,7 @@ out_uri_auth_compat:
 			if(bind_conf->keys_ref) {
 				free(bind_conf->keys_ref->filename);
 				free(bind_conf->keys_ref->tlskeys);
+				LIST_DEL(&bind_conf->keys_ref->list);
 				free(bind_conf->keys_ref);
 			}
 #endif /* USE_OPENSSL */