BUG/MINOR: quic: Possible crash when SSL session init fails

This is due to the fact that qc->conn is never initialized before calling
qc_ssl_sess_init().

Must be backported as far as 2.6.
Frédéric Lécaille 2023-06-02 16:56:16 +02:00
parent 4ad1c9635a
commit 29a1d3679b
1 changed files with 2 additions and 6 deletions


@ -6733,7 +6733,7 @@ static int qc_ssl_sess_init(struct quic_conn *qc, SSL_CTX *ssl_ctx, SSL **ssl,
*ssl = SSL_new(ssl_ctx); *ssl = SSL_new(ssl_ctx);
if (!*ssl) { if (!*ssl) {
if (!retry--) if (!retry--)
goto err; goto leave;
pool_gc(NULL); pool_gc(NULL);
goto retry; goto retry;
@ -6744,7 +6744,7 @@ static int qc_ssl_sess_init(struct quic_conn *qc, SSL_CTX *ssl_ctx, SSL **ssl,
SSL_free(*ssl); SSL_free(*ssl);
*ssl = NULL; *ssl = NULL;
if (!retry--) if (!retry--)
goto err; goto leave;
pool_gc(NULL); pool_gc(NULL);
goto retry; goto retry;
@ -6754,10 +6754,6 @@ static int qc_ssl_sess_init(struct quic_conn *qc, SSL_CTX *ssl_ctx, SSL **ssl,
leave: leave:
TRACE_LEAVE(QUIC_EV_CONN_NEW, qc); TRACE_LEAVE(QUIC_EV_CONN_NEW, qc);
return ret; return ret;
err:
qc->conn->err_code = CO_ER_SSL_NO_MEM;
goto leave;
} }
/* Allocate the ssl_sock_ctx from connection <qc>. This creates the tasklet /* Allocate the ssl_sock_ctx from connection <qc>. This creates the tasklet
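Review bot: Both failure branches (`SSL_new()` returning NULL with retries exhausted, and the second `if (!retry--)` after `SSL_free(*ssl)`) now reach `leave` without recording why the session could not be created, so a memory-exhaustion failure here leaves no diagnostic. Since `qc->conn` is not usable at this point, a trace is the natural substitute: add something like `TRACE_ERROR("SSL session allocation failed", QUIC_EV_CONN_NEW, qc);` before each `goto leave;`, assuming the tree's `TRACE_ERROR` macro is available in this file. The initialisation of `ret` sits outside the hunk, so confirm it still holds the failure value when these branches jump to `leave`; otherwise the caller would treat a NULL `*ssl` as success. The function comment, which is also outside the hunk, should state that on failure `*ssl` is left NULL and no connection error code is set.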