commit 40f2f1e341ba66df6c9afbfd03bfbe49ba6be5cf
author Emmanuel Hocdet <manu@gandi.net> Wed Oct 30 17:31:28 2019 +0100
committer William Lallemand <wlallemand@haproxy.org> Thu Oct 31 17:32:06 2019 +0100
tree ee468b07bd2abaf9495486f8dffcddc0f6b13c98
parent eaad5cc2d83ddd2b1c3ea314cb7eba0d54e45b64

BUG/MEDIUM: ssl/cli: fix dot research in cli_parse_set_cert

During a 'set ssl cert', the result of the strrchr was wrongly tested
and can lead to a segfault when the certificate path did not contained a
dot.

src/ssl_sock.c

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index aaa8652..c62133d 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -10260,13 +10260,13 @@
 		/* if the ongoing transaction is a bundle, we need to find which part of the bundle need to be updated */
 #if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
 		if (ckchs_transaction.new_ckchs->multi) {
-			char *end = NULL;
+			char *end;
 			int j;
 
 			/* check if it was used in a bundle by removing the
 			 *   .dsa/.rsa/.ecdsa at the end of the filename */
 			end = strrchr(buf->area, '.');
-			for (j = 0; *end && j < SSL_SOCK_NUM_KEYTYPES; j++) {
+			for (j = 0; end && j < SSL_SOCK_NUM_KEYTYPES; j++) {
 				if (!strcmp(end + 1, SSL_SOCK_KEYTYPE_NAMES[j])) {
 					bundle = j; /* keep the type of certificate so we insert it at the right place */
 					*end = '\0'; /* it's a bundle let's end the string*/
@@ -10314,13 +10314,13 @@
 			}
 #if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
 			{
-				char *end = NULL;
+				char *end;
 				int j;
 
 				/* check if it was used in a bundle by removing the
 				 *   .dsa/.rsa/.ecdsa at the end of the filename */
 				end = strrchr(buf->area, '.');
-				for (j = 0; *end && j < SSL_SOCK_NUM_KEYTYPES; j++) {
+				for (j = 0; end && j < SSL_SOCK_NUM_KEYTYPES; j++) {
 					if (!strcmp(end + 1, SSL_SOCK_KEYTYPE_NAMES[j])) {
 						bundle = j; /* keep the type of certificate so we insert it at the right place */
 						*end = '\0'; /* it's a bundle let's end the string*/