]> git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
projects / thirdparty / haproxy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1621dc1)
BUG/MINOR: ssl: ocsp structure not freed properly in case of error
authorRemi Tricot-Le Breton <rlebreton@haproxy.com>
Thu, 3 Nov 2022 14:16:49 +0000 (15:16 +0100)
committerWilliam Lallemand <wlallemand@haproxy.org>
Fri, 4 Nov 2022 10:40:29 +0000 (11:40 +0100)
In case of error, the ocsp item might already be in the ocsp certificate
tree but simply freed instead of destroyed through ssl_sock_free_ocsp.

This patch can be backported to all stable versions.

src/ssl_sock.c patch | blob | blame | history

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 801405b309ae1c1b0fdf91aefd71384678ce4fb9..55602055353d763252f8079b5c9892e51cb2c3c2 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -1594,7 +1594,7 @@ out:
                OCSP_CERTID_free(cid);
 
        if (ocsp)
-               free(ocsp);
+               ssl_sock_free_ocsp(ocsp);
 
        if (warn)
                free(warn);
Mirror of https://github.com/haproxy/haproxy.git