From: William Lallemand Date: Tue, 23 Feb 2021 13:45:45 +0000 (+0100) Subject: BUG/MINOR: ssl/cli: potential null pointer dereference in "set ssl cert" X-Git-Tag: v2.4-dev10~76 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6c0961442c5e19a1bfc706374f96cfbd42feaeb2;p=thirdparty%2Fhaproxy.git BUG/MINOR: ssl/cli: potential null pointer dereference in "set ssl cert" A potential null pointer dereference was reported with an old gcc version (6.5) src/ssl_ckch.c: In function 'cli_parse_set_cert': src/ssl_ckch.c:838:7: error: potential null pointer dereference [-Werror=null-dereference] if (!ssl_sock_copy_cert_key_and_chain(src->ckch, dst->ckch)) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ src/ssl_ckch.c:838:7: error: potential null pointer dereference [-Werror=null-dereference] src/ssl_ckch.c: In function 'ckchs_dup': src/ssl_ckch.c:838:7: error: potential null pointer dereference [-Werror=null-dereference] if (!ssl_sock_copy_cert_key_and_chain(src->ckch, dst->ckch)) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ src/ssl_ckch.c:838:7: error: potential null pointer dereference [-Werror=null-dereference] cc1: all warnings being treated as errors This case does not actually happen but it's better to fix the ckch API with a NULL check. Could be backported as far as 2.1. --- diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c index 8aa29bd22e..174ab0a96c 100644 --- a/src/ssl_ckch.c +++ b/src/ssl_ckch.c @@ -662,6 +662,9 @@ void ssl_sock_free_cert_key_and_chain_contents(struct cert_key_and_chain *ckch) struct cert_key_and_chain *ssl_sock_copy_cert_key_and_chain(struct cert_key_and_chain *src, struct cert_key_and_chain *dst) { + if (!src || !dst) + return NULL; + if (src->cert) { dst->cert = src->cert; X509_up_ref(src->cert); @@ -833,6 +836,9 @@ struct ckch_store *ckchs_dup(const struct ckch_store *src) { struct ckch_store *dst; + if (!src) + return NULL; + dst = ckch_store_new(src->path); if (!ssl_sock_copy_cert_key_and_chain(src->ckch, dst->ckch))