BUG/MEDIUM: ssl/cli: don't alloc path when cert not found

When doing an 'ssl set cert' with a certificate which does not exist in
configuration, the appctx->ctx.ssl.old_ckchs->path was duplicated while
app->ctx.ssl.old_ckchs was NULL, resulting in a NULL dereference.

Move the code so the 'not referenced' error is done before this.

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index c62133ddbc14b587ddfa7acdbe04ef82d03621b2..98b3ad8b71f344d70d6e7a9592afff1665de0f83 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -10342,15 +10342,6 @@ static int cli_parse_set_cert(char **args, char *payload, struct appctx *appctx,
                }
 
                appctx->ctx.ssl.old_ckchs = find_ckchs[0] ? find_ckchs[0] : find_ckchs[1];
-
-               /* this is a new transaction, set the path of the transaction */
-               appctx->ctx.ssl.path = strdup(appctx->ctx.ssl.old_ckchs->path);
-               if (!appctx->ctx.ssl.path) {
-                       memprintf(&err, "%sCan't allocate memory\n", err ? err : "");
-                       errcode |= ERR_ALERT | ERR_FATAL;
-                       goto end;
-               }
-
        }
 
        if (!appctx->ctx.ssl.old_ckchs) {
@@ -10360,6 +10351,15 @@ static int cli_parse_set_cert(char **args, char *payload, struct appctx *appctx,
                goto end;
        }
 
+       if (!appctx->ctx.ssl.path) {
+       /* this is a new transaction, set the path of the transaction */
+               appctx->ctx.ssl.path = strdup(appctx->ctx.ssl.old_ckchs->path);
+               if (!appctx->ctx.ssl.path) {
+                       memprintf(&err, "%sCan't allocate memory\n", err ? err : "");
+                       errcode |= ERR_ALERT | ERR_FATAL;
+                       goto end;
+               }
+       }
 
        old_ckchs = appctx->ctx.ssl.old_ckchs;