From 18eeb8e8156c4f32a65cee40a96b0b30e74eeb59 Mon Sep 17 00:00:00 2001 From: William Lallemand Date: Fri, 20 Mar 2020 14:42:36 +0100 Subject: [PATCH] BUG/MINOR: ssl/cli: fix a potential NULL dereference Fix a potential NULL dereference in "show ssl cert" when we can't allocate the trash buffer. This patch creates a new label so we could jump without trying to do the ci_putchk in this case. This bug was introduced by ea987ed ("MINOR: ssl/cli: 'new ssl cert' command"). 2.2 only. This bug was referenced by issue #556. --- src/ssl_sock.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/ssl_sock.c b/src/ssl_sock.c index bf571dd8a..9b44e9d0b 100644 --- a/src/ssl_sock.c +++ b/src/ssl_sock.c @@ -11249,7 +11249,7 @@ static int cli_io_handler_show_cert_detail(struct appctx *appctx) int i; if (!tmp || !out) - goto end; + goto end_no_putchk; if (!ckchs->multi) { chunk_appendf(out, "Filename: "); @@ -11374,6 +11374,7 @@ end: goto yield; } +end_no_putchk: if (bio) BIO_free(bio); free_trash_chunk(tmp);