mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2024-12-25 14:12:13 +00:00
MINOR: ssl: check parameter in ckch_conf_cmp()
Check prev and new parameters in ckch_conf_cmp() so we don't dereference a NULL ptr. There is no risk since it's not used with a NULL ptr yet. Also remove the check that are done later, and do it at the beginning of the function. Should fix issue #2572.
This commit is contained in:
parent
140078c19d
commit
d74ba7cc24
@ -4168,6 +4168,9 @@ int ckch_conf_cmp(struct ckch_conf *prev, struct ckch_conf *new, char **err)
|
|||||||
int ret = 0;
|
int ret = 0;
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
|
if (!prev || !new)
|
||||||
|
return 1;
|
||||||
|
|
||||||
/* compatibility check */
|
/* compatibility check */
|
||||||
|
|
||||||
if (prev->used == CKCH_CONF_SET_EMPTY) {
|
if (prev->used == CKCH_CONF_SET_EMPTY) {
|
||||||
@ -4197,8 +4200,8 @@ int ckch_conf_cmp(struct ckch_conf *prev, struct ckch_conf *new, char **err)
|
|||||||
switch (ckch_conf_kws[i].type) {
|
switch (ckch_conf_kws[i].type) {
|
||||||
case PARSE_TYPE_STR: {
|
case PARSE_TYPE_STR: {
|
||||||
char *avail1, *avail2;
|
char *avail1, *avail2;
|
||||||
avail1 = prev ? *(char **)((intptr_t)prev + (ptrdiff_t)ckch_conf_kws[i].offset) : NULL;
|
avail1 = *(char **)((intptr_t)prev + (ptrdiff_t)ckch_conf_kws[i].offset);
|
||||||
avail2 = new ? *(char **)((intptr_t)new + (ptrdiff_t)ckch_conf_kws[i].offset) : NULL;
|
avail2 = *(char **)((intptr_t)new + (ptrdiff_t)ckch_conf_kws[i].offset);
|
||||||
|
|
||||||
/* must alert when strcmp is wrong, or when one of the field is NULL */
|
/* must alert when strcmp is wrong, or when one of the field is NULL */
|
||||||
if (((avail1 && avail2) && strcmp(avail1, avail2) != 0) || (!!avail1 ^ !!avail2)) {
|
if (((avail1 && avail2) && strcmp(avail1, avail2) != 0) || (!!avail1 ^ !!avail2)) {
|
||||||
@ -4217,8 +4220,8 @@ int ckch_conf_cmp(struct ckch_conf *prev, struct ckch_conf *new, char **err)
|
|||||||
int q1, q2; /* final ocsp-update value (from default) */
|
int q1, q2; /* final ocsp-update value (from default) */
|
||||||
|
|
||||||
|
|
||||||
o1 = prev ? *(int *)((intptr_t)prev + (ptrdiff_t)ckch_conf_kws[i].offset) : 0;
|
o1 = *(int *)((intptr_t)prev + (ptrdiff_t)ckch_conf_kws[i].offset);
|
||||||
o2 = new ? *(int *)((intptr_t)new + (ptrdiff_t)ckch_conf_kws[i].offset) : 0;
|
o2 = *(int *)((intptr_t)new + (ptrdiff_t)ckch_conf_kws[i].offset);
|
||||||
|
|
||||||
q1 = (o1 == SSL_SOCK_OCSP_UPDATE_DFLT) ? global_ssl.ocsp_update.mode : o1;
|
q1 = (o1 == SSL_SOCK_OCSP_UPDATE_DFLT) ? global_ssl.ocsp_update.mode : o1;
|
||||||
q2 = (o2 == SSL_SOCK_OCSP_UPDATE_DFLT) ? global_ssl.ocsp_update.mode : o2;
|
q2 = (o2 == SSL_SOCK_OCSP_UPDATE_DFLT) ? global_ssl.ocsp_update.mode : o2;
|
||||||
|
Loading…
Reference in New Issue
Block a user