MINOR: ssl: check allocation in parse ciphers/ciphersuites/verifyhost

These checks are especially required now as this function will be used
at runtime for dynamic servers.

diff --git a/src/cfgparse-ssl.c b/src/cfgparse-ssl.c
index 3739f3cda6e6aadd1353953261ab4bf9750c45cf..2adb92e85d97cefe8eef3b31cb0582a0236129e7 100644 (file)
--- a/src/cfgparse-ssl.c
+++ b/src/cfgparse-ssl.c
@@ -1414,6 +1414,12 @@ static int srv_parse_ciphers(char **args, int *cur_arg, struct proxy *px, struct
 
        free(newsrv->ssl_ctx.ciphers);
        newsrv->ssl_ctx.ciphers = strdup(args[*cur_arg + 1]);
+
+       if (!newsrv->ssl_ctx.ciphers) {
+               memprintf(err, "'%s' : not enough memory", args[*cur_arg]);
+               return ERR_ALERT | ERR_FATAL;
+       }
+
        return 0;
 }
 
@@ -1428,6 +1434,12 @@ static int srv_parse_ciphersuites(char **args, int *cur_arg, struct proxy *px, s
 
        free(newsrv->ssl_ctx.ciphersuites);
        newsrv->ssl_ctx.ciphersuites = strdup(args[*cur_arg + 1]);
+
+       if (!newsrv->ssl_ctx.ciphersuites) {
+               memprintf(err, "'%s' : not enough memory", args[*cur_arg]);
+               return ERR_ALERT | ERR_FATAL;
+       }
+
        return 0;
 }
 #endif
@@ -1641,6 +1653,11 @@ static int srv_parse_verifyhost(char **args, int *cur_arg, struct proxy *px, str
        free(newsrv->ssl_ctx.verify_host);
        newsrv->ssl_ctx.verify_host = strdup(args[*cur_arg + 1]);
 
+       if (!newsrv->ssl_ctx.verify_host) {
+               memprintf(err, "'%s' : not enough memory", args[*cur_arg]);
+               return ERR_ALERT | ERR_FATAL;
+       }
+
        return 0;
 }