BUG/MEDIUM: ssl/cli: fix dot research in cli_parse_set_cert
authorEmmanuel Hocdet <manu@gandi.net>
Wed, 30 Oct 2019 16:31:28 +0000 (17:31 +0100)
committerWilliam Lallemand <wlallemand@haproxy.org>
Thu, 31 Oct 2019 16:32:06 +0000 (17:32 +0100)
During a 'set ssl cert', the result of strrchr() was wrongly tested,
which could lead to a segfault when the certificate path did not contain
a dot.

src/ssl_sock.c

index aaa8652885aadd70b9714a78d3c8a70d734231a1..c62133ddbc14b587ddfa7acdbe04ef82d03621b2 100644 (file)
@@ -10260,13 +10260,13 @@ static int cli_parse_set_cert(char **args, char *payload, struct appctx *appctx,
                /* if the ongoing transaction is a bundle, we need to find which part of the bundle need to be updated */
 #if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
                if (ckchs_transaction.new_ckchs->multi) {
-                       char *end = NULL;
+                       char *end;
                        int j;
 
                        /* check if it was used in a bundle by removing the
                         *   .dsa/.rsa/.ecdsa at the end of the filename */
                        end = strrchr(buf->area, '.');
-                       for (j = 0; *end && j < SSL_SOCK_NUM_KEYTYPES; j++) {
+                       for (j = 0; end && j < SSL_SOCK_NUM_KEYTYPES; j++) {
                                if (!strcmp(end + 1, SSL_SOCK_KEYTYPE_NAMES[j])) {
                                        bundle = j; /* keep the type of certificate so we insert it at the right place */
                                        *end = '\0'; /* it's a bundle let's end the string*/
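Review bot: The NULL test on `end` sits in the loop condition, `for (j = 0; end && j < SSL_SOCK_NUM_KEYTYPES; j++)`, so it is re-checked on every iteration although the visible lines only assign `end` once, from `strrchr()`. Wrapping the loop in `if (end) {` and keeping `j < SSL_SOCK_NUM_KEYTYPES` as the only loop condition would state the "path has no dot" case directly. The same suffix-stripping block is repeated verbatim in the second hunk (new line 10314 onward), which is why the crash needed two identical fixes. A single static helper that takes the path buffer and returns the key-type index would keep the two call sites from drifting apart again. The loop body continues outside the hunk, and since the path is operator input from the CLI, a regression test sending a dot-less path to 'set ssl cert' would pin this fix if the series does not already add one.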
@@ -10314,13 +10314,13 @@ static int cli_parse_set_cert(char **args, char *payload, struct appctx *appctx,
                        }
 #if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
                        {
-                               char *end = NULL;
+                               char *end;
                                int j;
 
                                /* check if it was used in a bundle by removing the
                                 *   .dsa/.rsa/.ecdsa at the end of the filename */
                                end = strrchr(buf->area, '.');
-                               for (j = 0; *end && j < SSL_SOCK_NUM_KEYTYPES; j++) {
+                               for (j = 0; end && j < SSL_SOCK_NUM_KEYTYPES; j++) {
                                        if (!strcmp(end + 1, SSL_SOCK_KEYTYPE_NAMES[j])) {
                                                bundle = j; /* keep the type of certificate so we insert it at the right place */
                                                *end = '\0'; /* it's a bundle let's end the string*/