BUG/MINOR: http: Missing calloc return value check while parsing tcp-request/tcp...

A memory allocation failure happening in tcp_parse_tcp_req or
tcp_parse_tcp_rep when trying to allocate an act_rule structure would
have resulted in a crash. These functions are only called during
configuration parsing.

It was raised in GitHub issue #1233.
It could be backported to all stable branches.

diff --git a/src/tcp_rules.c b/src/tcp_rules.c
index 2e1eac4ee5d36e1a61405a3e5016497e3e39503f..edc287b56c8e36eda329e416c27d0af8039a5348 100644 (file)
--- a/src/tcp_rules.c
+++ b/src/tcp_rules.c
@@ -1055,6 +1055,10 @@ static int tcp_parse_tcp_rep(char **args, int section_type, struct proxy *curpx,
        }
 
        rule = calloc(1, sizeof(*rule));
+       if (!rule) {
+               memprintf(err, "parsing [%s:%d] : out of memory", file, line);
+               return -1;
+       }
        LIST_INIT(&rule->list);
        arg = 1;
        where = 0;
@@ -1169,6 +1173,10 @@ static int tcp_parse_tcp_req(char **args, int section_type, struct proxy *curpx,
        }
 
        rule = calloc(1, sizeof(*rule));
+       if (!rule) {
+               memprintf(err, "parsing [%s:%d] : out of memory", file, line);
+               return -1;
+       }
        LIST_INIT(&rule->list);
        arg = 1;
        where = 0;