From: BiancaDogareci Date: Sat, 25 Apr 2026 12:00:37 +0000 (+0300) Subject: BUG/MINOR: ssl: fix memory leak on realloc failure in acme.ips X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=fa17a50c620237c88b7e1ca3ca3905c0e67217e4;p=thirdparty%2Fhaproxy.git BUG/MINOR: ssl: fix memory leak on realloc failure in acme.ips Fix a realloc() bug in ckchs_dup() when copying the acme.ips array, where overwriting the original pointer with NULL on allocation failure loses reference to the original memory block. Use my_realloc2() which safely handles the failure. No backport needed. --- diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c index 75392a6c2..04d7a302f 100644 --- a/src/ssl_ckch.c +++ b/src/ssl_ckch.c @@ -1119,7 +1119,7 @@ struct ckch_store *ckchs_dup(const struct ckch_store *src) /* copy the array of IP strings */ while (src->conf.acme.ips[n]) { - r = realloc(r, sizeof(char *) * (n + 2)); + r = my_realloc2(r, sizeof(char *) * (n + 2)); if (!r) goto error;