]> git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
projects / thirdparty / haproxy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 246c024)
BUG/MEDIUM: ssl: NULL dereference in ssl_sock_load_cert_sni()
authorWilliam Lallemand <wlallemand@haproxy.com>
Mon, 14 Oct 2019 08:46:58 +0000 (10:46 +0200)
committerWilliam Lallemand <wlallemand@haproxy.org>
Mon, 14 Oct 2019 08:57:16 +0000 (10:57 +0200)
A NULL dereference can occur when inserting SNIs. In the case of
checking for duplicates, if there is already several sni_ctx with the
same key.

Fix issue #321.

src/ssl_sock.c patch | blob | blame | history

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 6a781145b7e06058a5b8ec9a3674ce9f98942b24..90df6e7c6fab6067a8d2c641edc6c0e306b89fa3 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -2777,6 +2777,7 @@ static void ssl_sock_load_cert_sni(struct ckch_inst *ckch_inst, struct bind_conf
                                LIST_DEL(&sc0->by_ckch_inst);
                                free(sc0);
                                sc0 = NULL;
+                               break;
                        }
                }
 
Mirror of https://github.com/haproxy/haproxy.git