From: William Lallemand <wlallemand@haproxy.org>
Date: Mon, 29 Aug 2022 16:53:34 +0000 (+0200)
Subject: BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free()
X-Git-Tag: v2.7-dev5~37
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=056ad01d5;p=thirdparty%2Fhaproxy.git

BUG/MINOR: ssl: leak of ckch_inst_link in ckch_inst_free()

ckch_inst_free() unlink the ckch_inst_link structure but never free it.
It can cause a memory leak upon a ckch_inst_free() done with CLI
operation.

Bug introduced by commit 4458b97 ("MEDIUM: ssl: Chain ckch instances in
ca-file entries").

Must be backported as far as 2.5.
---

diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index 6db62e193c..2feb769ca6 100644
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c
@@ -989,6 +989,7 @@ void ckch_inst_free(struct ckch_inst *inst)
 	list_for_each_entry_safe(link_ref, link_ref_s, &inst->cafile_link_refs, list) {
 		LIST_DELETE(&link_ref->link->list);
 		LIST_DELETE(&link_ref->list);
+		free(link_ref->link);
 		free(link_ref);
 	}