BUG/MINOR: ssl: crt-ignore-err memory leak with 'all' parameter

Only allocate "str" if the parameter is not "all" in order to avoid any
memory leak.

No backport needed.

diff --git a/src/cfgparse-ssl.c b/src/cfgparse-ssl.c
index 8925feaf828f918498fb17ead07b5631cf30a08e..d9e93e44071da5d22a9f63a991e3f0946b6d648e 100644 (file)
--- a/src/cfgparse-ssl.c
+++ b/src/cfgparse-ssl.c
@@ -836,15 +836,6 @@ static int bind_parse_ignore_err(char **args, int cur_arg, struct proxy *px, str
                return ERR_ALERT | ERR_FATAL;
        }
 
-       /* copy the string to be able to dump the complete one in case of
-        * error, because strtok_r is writing \0 inside. */
-       str = strdup(p);
-       if (!str) {
-               memprintf(err, "'%s' : Could not allocate memory", args[cur_arg]);
-               return ERR_ALERT | ERR_FATAL;
-
-       }
-
        if (strcmp(args[cur_arg], "ca-ignore-err") == 0)
                ignerr = conf->ca_ignerr_bitfield;
 
@@ -853,6 +844,14 @@ static int bind_parse_ignore_err(char **args, int cur_arg, struct proxy *px, str
                return 0;
        }
 
+       /* copy the string to be able to dump the complete one in case of
+        * error, because strtok_r is writing \0 inside. */
+       str = strdup(p);
+       if (!str) {
+               memprintf(err, "'%s' : Could not allocate memory", args[cur_arg]);
+               return ERR_ALERT | ERR_FATAL;
+       }
+
        s1 = str;
        while ((token = strtok_r(s1, ",", &s2))) {
                s1 = NULL;