]> git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
projects / thirdparty / haproxy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 31e4f6e)
BUG/MINOR: jwt: Double free in deinit function
authorRemi Tricot-Le Breton <rlebreton@haproxy.com>
Fri, 4 Feb 2022 13:06:34 +0000 (14:06 +0100)
committerWilliam Lallemand <wlallemand@haproxy.org>
Tue, 15 Feb 2022 19:08:20 +0000 (20:08 +0100)
The node pointer was not moving properly along the jwt_cert_tree during
the deinit which ended in a double free during cleanup (or when checking
a configuration that used the jwt_verify converter with an explicit
certificate specified).

This patch fixes GitHub issue #1533.
It should be backported to 2.5.

src/jwt.c patch | blob | blame | history

diff --git a/src/jwt.c b/src/jwt.c
index 8c45375428f552e837866e74c4fbb30b63474ffd..1c13209e01191891454093149409f5616a0d4418 100644 (file)
--- a/src/jwt.c
+++ b/src/jwt.c
@@ -363,6 +363,7 @@ static void jwt_deinit(void)
        node = ebmb_first(&jwt_cert_tree);
        while (node) {
                entry = ebmb_entry(node, struct jwt_cert_tree_entry, node);
+               ebmb_delete(node);
                ha_free(&entry);
                node = ebmb_first(&jwt_cert_tree);
        }
Mirror of https://github.com/haproxy/haproxy.git