git.ipfire.org Git - thirdparty/haproxy.git/commit

]> git.ipfire.org Git - thirdparty/haproxy.git/commit

projects / thirdparty / haproxy.git / commit

author	Willy Tarreau <w@1wt.eu>
	Tue, 26 May 2026 06:36:36 +0000 (08:36 +0200)
committer	Willy Tarreau <w@1wt.eu>
	Tue, 26 May 2026 11:13:24 +0000 (13:13 +0200)
commit	8cb0a0c53d392c3abf2bb6ccbf9ac1d90f77db24
tree	d6d9f97da671eabfd0d6978e6fb24eff49baba6e	tree \| snapshot
parent	e583b38c63939e334bd85321689413cd139953c0	commit \| diff

BUG/MEDIUM: acme: protect against risk of null-deref on connection failure

7 ACME state handlers iterate over hc->res.hdrs, but they can be called
after an error was detected, and the HTTP client will leave res.hdrs NULL
on connection errors before headers are received. Let's check this inside
the loop, like the chkorder handler already does.

Most of them, if not all, need to be backported to 3.2.

src/acme.c

diff | blob | blame | history

Mirror of https://github.com/haproxy/haproxy.git

RSS Atom