From: William Lallemand <wlallemand@haproxy.com>
Date: Thu, 9 Oct 2025 13:12:25 +0000 (+0200)
Subject: BUG/MINOR: ssl: leak crtlist_name in ssl-f-use
X-Git-Tag: v3.3-dev10~35
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=47a93dc7509b703706d7df4b53cbc0807897e6f5;p=thirdparty%2Fhaproxy.git

BUG/MINOR: ssl: leak crtlist_name in ssl-f-use

This patch fixes a leak of the temporary variable "crtlist_name" which
is used in the ssl-f-use parser.

Must be backported in 3.2.
---

diff --git a/src/cfgparse-ssl.c b/src/cfgparse-ssl.c
index 1d53da59f..8dc923172 100644
--- a/src/cfgparse-ssl.c
+++ b/src/cfgparse-ssl.c
@@ -2483,7 +2483,8 @@ static int post_section_frontend_crt_init()
 		}
 	}
 
-	return err_code;
+	goto end;
+
 error:
 
 	if (err)
@@ -2499,9 +2500,11 @@ error:
 		ha_free(&n);
 	}
 
-	ha_free(&crtlist_name);
 	crtlist_entry_free(entry);
 	crtlist_free(newlist);
+
+end:
+	ha_free(&crtlist_name);
 	return err_code;
 }