BUG/MINOR: ssl: Fix potential leak in cli_parse_update_ocsp_response In some extremely unlikely case (or even impossible for now), we might exit cli_parse_update_ocsp_response without raising an error but with a filled 'err' buffer. It was not properly free'd. It does not need to be backported.

commit: d32c8e3ccbd18d200c57458c3023643cdc971ef1 [log] [tgz]
author: Remi Tricot-Le Breton <rlebreton@haproxy.com> Tue Mar 21 10:28:34 2023 +0100
committer: William Lallemand <wlallemand@haproxy.org> Fri Mar 31 09:10:36 2023 +0200
tree: bbe93f1de9bc1e88a94950b6dcc3ffbdaf5904c5
parent: ae5187721f93ab03049dba2442e119a44ce760f2 [diff]
diff --git a/src/ssl_ocsp.c b/src/ssl_ocsp.c
index 979a87b..8a7cb27 100644
--- a/src/ssl_ocsp.c
+++ b/src/ssl_ocsp.c

@@ -1397,6 +1397,8 @@
 
 	task_wakeup(ocsp_update_task, TASK_WOKEN_MSG);
 
+	free(err);
+
 	return 0;
 
 end:
commit	d32c8e3ccbd18d200c57458c3023643cdc971ef1	[log] [tgz]
author	Remi Tricot-Le Breton <rlebreton@haproxy.com>	Tue Mar 21 10:28:34 2023 +0100
committer	William Lallemand <wlallemand@haproxy.org>	Fri Mar 31 09:10:36 2023 +0200
tree	bbe93f1de9bc1e88a94950b6dcc3ffbdaf5904c5
parent	ae5187721f93ab03049dba2442e119a44ce760f2 [diff]