From 5574163073e08be8bd7841baab329a928f6f2495 Mon Sep 17 00:00:00 2001
From: Willy Tarreau <w@1wt.eu>
Date: Fri, 7 Nov 2025 22:27:25 +0100
Subject: [PATCH] BUG/MINOR: acme: avoid a possible crash on error paths

In acme_EVP_PKEY_gen(), an error message is printed if *errmsg is set,
however, since commit 546c67d13 ("MINOR: acme: generate a temporary key
pair"), errmsg is passed as NULL in at least one occurrence, leading
the compiler to issue a NULL deref warning at -O3. And indeed, if the
errors are encountered, a crash will occur. No backport is needed.
---
 src/acme.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/acme.c b/src/acme.c
index ac8a76dc2..7f7a4c649 100644
--- a/src/acme.c
+++ b/src/acme.c
@@ -2584,29 +2584,29 @@ static EVP_PKEY *acme_EVP_PKEY_gen(int keytype, int curves, int bits, char **err
 	EVP_PKEY *pkey = NULL;
 
 	if ((pkey_ctx = EVP_PKEY_CTX_new_id(keytype, NULL)) == NULL) {
-		memprintf(errmsg, "%sCan't generate a private key.\n", *errmsg ? *errmsg : "");
+		memprintf(errmsg, "%sCan't generate a private key.\n", errmsg && *errmsg ? *errmsg : "");
 		goto err;
 	}
 
 	if (EVP_PKEY_keygen_init(pkey_ctx) <= 0) {
-		memprintf(errmsg, "%sCan't generate a private key.\n", *errmsg ? *errmsg : "");
+		memprintf(errmsg, "%sCan't generate a private key.\n", errmsg && *errmsg ? *errmsg : "");
 		goto err;
 	}
 
 	if (keytype == EVP_PKEY_EC) {
 		if (EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pkey_ctx, curves) <= 0) {
-			memprintf(errmsg, "%sCan't set the curves on the new private key.\n", *errmsg ? *errmsg : "");
+			memprintf(errmsg, "%sCan't set the curves on the new private key.\n", errmsg && *errmsg ? *errmsg : "");
 			goto err;
 		}
 	} else if (keytype == EVP_PKEY_RSA) {
 		if (EVP_PKEY_CTX_set_rsa_keygen_bits(pkey_ctx, bits) <= 0) {
-			memprintf(errmsg, "%sCan't set the bits on the new private key.\n", *errmsg ? *errmsg : "");
+			memprintf(errmsg, "%sCan't set the bits on the new private key.\n", errmsg && *errmsg ? *errmsg : "");
 			goto err;
 		}
 	}
 
 	if (EVP_PKEY_keygen(pkey_ctx, &pkey) <= 0) {
-		memprintf(errmsg, "%sCan't generate a private key.\n", *errmsg ? *errmsg : "");
+		memprintf(errmsg, "%sCan't generate a private key.\n", errmsg && *errmsg ? *errmsg : "");
 		goto err;
 	}
 
-- 
2.47.3