]> git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
projects / thirdparty / haproxy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d82019d)
BUG/MINOR: ssl: Potential NULL deref in trace macro
authorRemi Tricot-Le Breton <rlebreton@haproxy.com>
Fri, 10 Oct 2025 12:16:31 +0000 (14:16 +0200)
committerChristopher Faulet <cfaulet@haproxy.com>
Mon, 13 Oct 2025 13:44:45 +0000 (15:44 +0200)
'ctx' might be NULL when we exit 'ssl_sock_handshake', it can't be
dereferenced without check in the trace macro.

This was found by Coverity andraised in GitHub #3113.
This patch should be backported up to 3.2

src/ssl_sock.c patch | blob | blame | history

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 13339fa1b3328020ad582c80b5929ec74700ba05..1d40c11050a7f1805eef4dcc48177f2362c49f07 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -5943,7 +5943,7 @@ reneg_ok:
        if (!conn->err_code)
                conn->err_code = CO_ER_SSL_HANDSHAKE;
 
-       TRACE_ERROR("handshake error", SSL_EV_CONN_HNDSHK|SSL_EV_CONN_ERR, conn, ctx->ssl, &conn->err_code, (ctx ? &ctx->error_code : NULL));
+       TRACE_ERROR("handshake error", SSL_EV_CONN_HNDSHK|SSL_EV_CONN_ERR, conn, (ctx ? ctx->ssl : NULL), &conn->err_code, (ctx ? &ctx->error_code : NULL));
        return 0;
 }
 
Mirror of https://github.com/haproxy/haproxy.git