Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 73617f937e001514305a3ee5a259bf45a3f0961b
commit73617f937e001514305a3ee5a259bf45a3f0961b[log] [tgz]
authorAmaury Denoyelle <adenoyelle@haproxy.com>Wed Jul 21 11:50:12 2021 +0200
committerChristopher Faulet <cfaulet@haproxy.com>Tue Jul 27 08:12:13 2021 +0200
tree1522fc974e808c36c9e37efce9871ce900929981
parent754f798a0813cc3f86e70ece3a533822709d0f1c [diff]
BUG/MEDIUM: ssl_sample: fix segfault for srv samples on invalid request

Some ssl samples cause a segfault when the stream is not instantiated,
for example during an invalid HTTP request. A new check is added to
prevent the stream dereferencing if NULL.

This is the list of the affected samples :
- ssl_s_chain_der
- ssl_s_der
- ssl_s_i_dn
- ssl_s_key_alg
- ssl_s_notafter
- ssl_s_notbefore
- ssl_s_s_dn
- ssl_s_serial
- ssl_s_sha1
- ssl_s_sig_alg
- ssl_s_version

This bug can be reproduced easily by using one of these samples in a
log-format string. Emit an invalid HTTP request with an HTTP client to
trigger the crash.

This bug has been reported in redmine issue 3913.

This must be backported up to 2.2.

(cherry picked from commit 5fcd428c35c45f7222b9aade0c0484fcdb558de9)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
1 file changed
tree: 1522fc974e808c36c9e37efce9871ce900929981
  1. .github/
  2. addons/
  3. admin/
  4. dev/
  5. doc/
  6. examples/
  7. include/
  8. reg-tests/
  9. scripts/
  10. src/
  11. tests/
  12. .cirrus.yml
  13. .gitattributes
  14. .gitignore
  15. .travis.yml
  16. BRANCHES
  17. CHANGELOG
  18. CONTRIBUTING
  19. INSTALL
  20. LICENSE
  21. MAINTAINERS
  22. Makefile
  23. README
  24. ROADMAP
  25. SUBVERS
  26. VERDATE
  27. VERSION