From: Emmanuel Hocdet Date: Wed, 30 Oct 2019 16:31:28 +0000 (+0100) Subject: BUG/MEDIUM: ssl/cli: fix dot research in cli_parse_set_cert X-Git-Tag: v2.1-dev4~3 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=40f2f1e341ba66df6c9afbfd03bfbe49ba6be5cf;p=thirdparty%2Fhaproxy.git BUG/MEDIUM: ssl/cli: fix dot research in cli_parse_set_cert During a 'set ssl cert', the result of the strrchr was wrongly tested and can lead to a segfault when the certificate path did not contained a dot. --- diff --git a/src/ssl_sock.c b/src/ssl_sock.c index aaa8652885..c62133ddbc 100644 --- a/src/ssl_sock.c +++ b/src/ssl_sock.c @@ -10260,13 +10260,13 @@ static int cli_parse_set_cert(char **args, char *payload, struct appctx *appctx, /* if the ongoing transaction is a bundle, we need to find which part of the bundle need to be updated */ #if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL if (ckchs_transaction.new_ckchs->multi) { - char *end = NULL; + char *end; int j; /* check if it was used in a bundle by removing the * .dsa/.rsa/.ecdsa at the end of the filename */ end = strrchr(buf->area, '.'); - for (j = 0; *end && j < SSL_SOCK_NUM_KEYTYPES; j++) { + for (j = 0; end && j < SSL_SOCK_NUM_KEYTYPES; j++) { if (!strcmp(end + 1, SSL_SOCK_KEYTYPE_NAMES[j])) { bundle = j; /* keep the type of certificate so we insert it at the right place */ *end = '\0'; /* it's a bundle let's end the string*/ 
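Review bot: In the `for` header of the first hunk, `end` is never reassigned inside the loop, so `end && j < SSL_SOCK_NUM_KEYTYPES` reads like part of the loop bound when it is really the NULL check on strrchr()'s result. Making the no-dot case explicit would be clearer, either with `if (end) {` around the `for`, or at least with a comment above it such as `/* strrchr() returns NULL when the path has no '.' */`. Per the commit message the path comes from the 'set ssl cert' CLI command, so this test is all that keeps an operator-supplied filename from causing a NULL dereference, and it should be easy to spot. The same applies to the identical loop in the second hunk (@@ -10314). The loop body continues past the hunk's last line, so what happens after a match cannot be confirmed from here.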
@@ -10314,13 +10314,13 @@ static int cli_parse_set_cert(char **args, char *payload, struct appctx *appctx, } #if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL { - char *end = NULL; + char *end; int j; /* check if it was used in a bundle by removing the * .dsa/.rsa/.ecdsa at the end of the filename */ end = strrchr(buf->area, '.'); - for (j = 0; *end && j < SSL_SOCK_NUM_KEYTYPES; j++) { + for (j = 0; end && j < SSL_SOCK_NUM_KEYTYPES; j++) { if (!strcmp(end + 1, SSL_SOCK_KEYTYPE_NAMES[j])) { bundle = j; /* keep the type of certificate so we insert it at the right place */ *end = '\0'; /* it's a bundle let's end the string*/
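Review bot: The suffix-stripping block in this hunk is a copy of the one at @@ -10260, and the same NULL dereference had to be corrected in both places; a single static helper would let the next fix land once. The sketch below uses `ckch_strip_keytype_suffix`, which is a proposed name and not an existing function. It truncates the path at a recognised key-type suffix and returns its index, or -1 when the path has no dot or no matching suffix. Both loops end outside their hunks, so the sketch assumes the body does nothing beyond setting `bundle` and terminating the string; confirm that before adopting it.

```c
/* Strip a trailing ".<keytype>" suffix from path, in place.
 * Returns the key-type index, or -1 when path has no '.' or the
 * text after the last '.' is not a known key type. */
static int ckch_strip_keytype_suffix(char *path)
{
	char *dot = strrchr(path, '.');
	int j;

	if (!dot)
		return -1; /* strrchr() found no '.': not a bundle member */

	for (j = 0; j < SSL_SOCK_NUM_KEYTYPES; j++) {
		if (!strcmp(dot + 1, SSL_SOCK_KEYTYPE_NAMES[j])) {
			*dot = '\0'; /* it's a bundle, end the string at the suffix */
			return j;
		}
	}
	return -1;
}

/* ... at both call sites, replacing the strrchr()/for block ... */
j = ckch_strip_keytype_suffix(buf->area);
if (j >= 0)
	bundle = j; /* keep the type of certificate so we insert it at the right place */
```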