From: Christopher Faulet <cfaulet@haproxy.com>
Date: Wed, 23 Nov 2022 08:27:13 +0000 (+0100)
Subject: BUILD: ssl-sock: Silent error about NULL deref in ssl_sock_bind_verifycbk()
X-Git-Tag: v2.7-dev10~21
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=881cce9f139ddc4f02994ad443f9fc250e34da7c;p=thirdparty%2Fhaproxy.git

BUILD: ssl-sock: Silent error about NULL deref in ssl_sock_bind_verifycbk()

In ssl_sock_bind_verifycbk(), when compiled without QUIC support, the
compiler may report an error during compilation about a possible NULL
dereference:

src/ssl_sock.c: In function ‘ssl_sock_bind_verifycbk’:
src/ssl_sock.c:1738:12: error: potential null pointer dereference [-Werror=null-dereference]
 1738 |         ctx->xprt_st |= SSL_SOCK_ST_FL_VERIFY_DONE;
      |         ~~~^~~~~~~~~

A BUG_ON() was addeded because it must never happen. But when compiled
without DEBUG_STRICT, there is nothing to help the compiler. Thus
ALREADY_CHECKED() macro is used. The ssl-sock context and the bind config
are concerned.

This patch must be backported to 2.6.
---

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 2a4d64429a..ad40b75ceb 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -1734,6 +1734,8 @@ int ssl_sock_bind_verifycbk(int ok, X509_STORE_CTX *x_store)
 #endif
 
 	BUG_ON(!ctx || !bind_conf);
+	ALREADY_CHECKED(ctx);
+	ALREADY_CHECKED(bind_conf);
 
 	ctx->xprt_st |= SSL_SOCK_ST_FL_VERIFY_DONE;