]> git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
projects / thirdparty / haproxy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0c4b7d7)
BUG/MINOR: ssl: fix memory leaks on realloc failure in ssl_sock.c
authorIlia Shipitsin <chipitsine@gmail.com>
Mon, 13 Apr 2026 16:14:51 +0000 (18:14 +0200)
committerWilliam Lallemand <wlallemand@irq6.net>
Sat, 25 Apr 2026 09:08:31 +0000 (11:08 +0200)
Replace bare realloc() calls with my_realloc2(), which frees the original
pointer on allocation failure, preventing a memory leak when the pointer
is subsequently overwritten with NULL.

Must be backported to 3.3.

src/ssl_sock.c patch | blob | blame | history

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 3ebd1b0d6c729b695305998eedce74533c77ce08..d818de7aa4e4fd6688783e34537e8a439f1b909f 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -3743,7 +3743,7 @@ static void ssl_sock_resize_passphrase_cache(void)
        int idx;
        int new_size = passphrase_cache_size << 1;
 
-       passphrase_randoms = realloc(passphrase_randoms, sizeof(*passphrase_randoms) * (new_size));
+       passphrase_randoms = my_realloc2(passphrase_randoms, sizeof(*passphrase_randoms) * (new_size));
        if (!passphrase_randoms) {
                ha_alert("ssl_sock_passwd_cb: passphrase randoms realloc failed");
                passphrase_idx = -1;
@@ -3759,7 +3759,7 @@ static void ssl_sock_resize_passphrase_cache(void)
 
        if (passphrase_cache_size) {
                passphrase_cache_size = new_size;
-               passphrase_cache = realloc(passphrase_cache, sizeof(*passphrase_cache) * passphrase_cache_size);
+               passphrase_cache = my_realloc2(passphrase_cache, sizeof(*passphrase_cache) * passphrase_cache_size);
                if (!passphrase_cache) {
                        ha_alert("ssl_sock_passwd_cb: passphrase cache realloc failed");
                        passphrase_idx = -1;
@@ -4251,7 +4251,7 @@ static int ssl_sess_new_srv_cb(SSL *ssl, SSL_SESSION *sess)
                if (!ptr || s->ssl_ctx.reused_sess[tid].allocated_size < len) {
                        /* insufficient storage, reallocate */
                        len = (len + 7) & -8; /* round to the nearest 8 bytes */
-                       ptr = realloc(ptr, len);
+                       ptr = my_realloc2(ptr, len);
                        if (!ptr)
                                free(s->ssl_ctx.reused_sess[tid].ptr);
                        s->ssl_ctx.reused_sess[tid].ptr = ptr;
Mirror of https://github.com/haproxy/haproxy.git