From: William Lallemand <wlallemand@haproxy.org>
Date: Tue, 4 May 2021 14:17:27 +0000 (+0200)
Subject: BUG/MINOR: ssl/cli: fix a lock leak when no memory available
X-Git-Tag: v2.4-dev19~153
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5ba80d677d563517bb9754c272e6df94adae281b;p=thirdparty%2Fhaproxy.git

BUG/MINOR: ssl/cli: fix a lock leak when no memory available

This bug was introduced in e5ff4ad ("BUG/MINOR: ssl: fix a trash buffer
leak in some error cases").

When cli_parse_set_cert() returns because alloc_trash_chunk() failed, it
does not unlock the spinlock which can lead to a deadlock later.

Must be backported as far as 2.1 where e5ff4ad was backported.
---

diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index c41c1789cf..a6f18bd7b3 100644
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c
@@ -1560,8 +1560,11 @@ static int cli_parse_set_cert(char **args, char *payload, struct appctx *appctx,
 	if (HA_SPIN_TRYLOCK(CKCH_LOCK, &ckch_lock))
 		return cli_err(appctx, "Can't update the certificate!\nOperations on certificates are currently locked!\n");
 
-	if ((buf = alloc_trash_chunk()) == NULL)
-		return cli_err(appctx, "Can't allocate memory\n");
+	if ((buf = alloc_trash_chunk()) == NULL) {
+		memprintf(&err, "%sCan't allocate memory\n", err ? err : "");
+		errcode |= ERR_ALERT | ERR_FATAL;
+		goto end;
+	}
 
 	if (!chunk_strcpy(buf, args[3])) {
 		memprintf(&err, "%sCan't allocate memory\n", err ? err : "");