MINOR: ssl: check allocation in parse ciphers/ciphersuites/verifyhost
These checks are especially required now as this function will be used
at runtime for dynamic servers.
diff --git a/src/cfgparse-ssl.c b/src/cfgparse-ssl.c
index 3739f3c..2adb92e 100644
--- a/src/cfgparse-ssl.c
+++ b/src/cfgparse-ssl.c
@@ -1414,6 +1414,12 @@
free(newsrv->ssl_ctx.ciphers);
newsrv->ssl_ctx.ciphers = strdup(args[*cur_arg + 1]);
+
+ if (!newsrv->ssl_ctx.ciphers) {
+ memprintf(err, "'%s' : not enough memory", args[*cur_arg]);
+ return ERR_ALERT | ERR_FATAL;
+ }
+
return 0;
}
@@ -1428,6 +1434,12 @@
free(newsrv->ssl_ctx.ciphersuites);
newsrv->ssl_ctx.ciphersuites = strdup(args[*cur_arg + 1]);
+
+ if (!newsrv->ssl_ctx.ciphersuites) {
+ memprintf(err, "'%s' : not enough memory", args[*cur_arg]);
+ return ERR_ALERT | ERR_FATAL;
+ }
+
return 0;
}
#endif
@@ -1641,6 +1653,11 @@
free(newsrv->ssl_ctx.verify_host);
newsrv->ssl_ctx.verify_host = strdup(args[*cur_arg + 1]);
+ if (!newsrv->ssl_ctx.verify_host) {
+ memprintf(err, "'%s' : not enough memory", args[*cur_arg]);
+ return ERR_ALERT | ERR_FATAL;
+ }
+
return 0;
}