From: Ilia Shipitsin <chipitsine@gmail.com>
Date: Tue, 3 Dec 2024 16:13:05 +0000 (+0100)
Subject: BUG/MINOR: ssl_crtlist: handle a possible strdup() failure
X-Git-Tag: v3.2-dev1~13
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ce30bc17305e4ac2dec7d641eedcb301a237d863;p=thirdparty%2Fhaproxy.git

BUG/MINOR: ssl_crtlist: handle a possible strdup() failure

This defect was found by the coccinelle script "unchecked-strdup.cocci".
It can be backported to all supported branches.
---

diff --git a/src/ssl_crtlist.c b/src/ssl_crtlist.c
index 71fa0a0b1e..189d6e6ca1 100644
--- a/src/ssl_crtlist.c
+++ b/src/ssl_crtlist.c
@@ -608,6 +608,11 @@ int crtlist_parse_file(char *file, struct bind_conf *bind_conf, struct proxy *cu
 				found++;
 				free(cc.crt);
 				cc.crt = strdup(crt_path);
+				if (cc.crt == NULL) {
+					cfgerr |= ERR_ALERT | ERR_FATAL;
+					goto error;
+				}
+
 				ckchs = ckch_store_new_load_files_conf(crt_path, &cc, err);
 				if (ckchs == NULL) {
 					cfgerr |= ERR_ALERT | ERR_FATAL;