BUG/MINOR: http: Missing calloc return value check while parsing tcp-request/tcp-response A memory allocation failure happening in tcp_parse_tcp_req or tcp_parse_tcp_rep when trying to allocate an act_rule structure would have resulted in a crash. These functions are only called during configuration parsing. It was raised in GitHub issue #1233. It could be backported to all stable branches.

commit: 2ca42b4656f60655a5295a66f321239faee2d9fe [log] [tgz]
author: Remi Tricot-Le Breton <rlebreton@haproxy.com> Wed May 12 18:24:18 2021 +0200
committer: Christopher Faulet <cfaulet@haproxy.com> Mon May 31 10:51:00 2021 +0200
tree: 0c8978a620345a1f927da77706b639401058c68b
parent: 18a82ba690a6ff4adbf9702cefa6dc89eb36372d [diff] [blame]
diff --git a/src/tcp_rules.c b/src/tcp_rules.c
index 2e1eac4..edc287b 100644
--- a/src/tcp_rules.c
+++ b/src/tcp_rules.c

@@ -1055,6 +1055,10 @@
 	}
 
 	rule = calloc(1, sizeof(*rule));
+	if (!rule) {
+		memprintf(err, "parsing [%s:%d] : out of memory", file, line);
+		return -1;
+	}
 	LIST_INIT(&rule->list);
 	arg = 1;
 	where = 0;
@@ -1169,6 +1173,10 @@
 	}
 
 	rule = calloc(1, sizeof(*rule));
+	if (!rule) {
+		memprintf(err, "parsing [%s:%d] : out of memory", file, line);
+		return -1;
+	}
 	LIST_INIT(&rule->list);
 	arg = 1;
 	where = 0;
commit	2ca42b4656f60655a5295a66f321239faee2d9fe	[log] [tgz]
author	Remi Tricot-Le Breton <rlebreton@haproxy.com>	Wed May 12 18:24:18 2021 +0200
committer	Christopher Faulet <cfaulet@haproxy.com>	Mon May 31 10:51:00 2021 +0200
tree	0c8978a620345a1f927da77706b639401058c68b
parent	18a82ba690a6ff4adbf9702cefa6dc89eb36372d [diff] [blame]