BUG/MINOR: ssl: memleak of struct crtlist_entry
There is a memleak of the entry structure in crtlist_load_cert_dir(), in
the case we can't stat the file, or this is not a regular file. Let's
move the entry allocation so it's done after these tests.
Fix issue #551.
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 2c7892c..73375bc 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -4478,6 +4478,16 @@
if (end && (!strcmp(end, ".issuer") || !strcmp(end, ".ocsp") || !strcmp(end, ".sctl") || !strcmp(end, ".key")))
goto ignore_entry;
+ snprintf(fp, sizeof(fp), "%s/%s", path, de->d_name);
+ if (stat(fp, &buf) != 0) {
+ memprintf(err, "%sunable to stat SSL certificate from file '%s' : %s.\n",
+ err && *err ? *err : "", fp, strerror(errno));
+ cfgerr |= ERR_ALERT | ERR_FATAL;
+ goto ignore_entry;
+ }
+ if (!S_ISREG(buf.st_mode))
+ goto ignore_entry;
+
entry = malloc(sizeof(*entry));
if (entry == NULL) {
memprintf(err, "not enough memory '%s'", fp);
@@ -4490,16 +4500,6 @@
entry->filters = NULL;
entry->ssl_conf = NULL;
- snprintf(fp, sizeof(fp), "%s/%s", path, de->d_name);
- if (stat(fp, &buf) != 0) {
- memprintf(err, "%sunable to stat SSL certificate from file '%s' : %s.\n",
- err && *err ? *err : "", fp, strerror(errno));
- cfgerr |= ERR_ALERT | ERR_FATAL;
- goto ignore_entry;
- }
- if (!S_ISREG(buf.st_mode))
- goto ignore_entry;
-
#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
is_bundle = 0;
/* Check if current entry in directory is part of a multi-cert bundle */