RepoMirrors/haproxy
1
0
Fork 0
mirror of http://git.haproxy.org/git/haproxy.git/ synced 2024-12-15 16:04:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

BUG/MEDIUM: ssl: avoid double free when releasing bind_confs

Browse Source 
ssl_sock functions don't mark pointers as NULL after freeing them. So
if a "bind" line specifies some SSL settings without the "ssl" keyword,
they will get freed at the end of check_config_validity(), then freed
a second time on exit. Simply mark the pointers as NULL to fix this.
This fix needs to be backported to 1.7 and 1.6.
This commit is contained in:
Willy Tarreau 2016-12-22 17:57:46 +01:00
parent 30fd4bd844
commit 94ff03af84
2 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/cfgparse.c
View File

@ -8850,6 +8850,13 @@ out_uri_auth_compat:
LIST_DEL(&bind_conf->keys_ref->list);
free(bind_conf->keys_ref);
}
bind_conf->keys_ref = NULL;
bind_conf->crl_file = NULL;
bind_conf->ecdhe = NULL;
bind_conf->ciphers = NULL;
bind_conf->ca_sign_pass = NULL;
bind_conf->ca_sign_file = NULL;
bind_conf->ca_file = NULL;
#endif /* USE_OPENSSL */
}

2
src/ssl_sock.c
View File

@ -3334,6 +3334,8 @@ ssl_sock_free_ca(struct bind_conf *bind_conf)
EVP_PKEY_free(bind_conf->ca_sign_pkey);
if (bind_conf->ca_sign_cert)
X509_free(bind_conf->ca_sign_cert);
bind_conf->ca_sign_pkey = NULL;
bind_conf->ca_sign_cert = NULL;
}
/*