upstream/haproxy
1
0
Fork 0
mirror of https://github.com/haproxy/haproxy.git synced 2026-03-18 00:22:46 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

BUG/MINOR: ssl: check conn in keylog sample fetch

Browse source 
Add a check on the conn pointer to avoid a NULL dereference in
smp_fetch_ssl_x_keylog().

The problem is not suppose to happen because the function is only used
for the frontend at the moment.

Introduced by 7d42ef5, 2.2 only.

Fix issue #733.
This commit is contained in:
William Lallemand 2020-07-07 10:48:13 +02:00 committed by William Lallemand
parent d742b6caf7
commit eec1d45f9d
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/ssl_sample.c
View file

@ -1121,6 +1121,9 @@ static int smp_fetch_ssl_x_keylog(const struct arg *args, struct sample *smp, co
conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
if (!conn)
return 0;
if (conn->flags & CO_FL_WAIT_XPRT) {
smp->flags |= SMP_F_MAY_CHANGE;
return 0;