rpm/haproxy
SHA256
1
0
Fork 0
forked from pool/haproxy
Code Pull Requests Activity
9062a2b6ea
haproxy/0010-BUG-MEDIUM-fix-risk-of-segfault-with-show-tls-keys.patch
Marcus Rueckert 55e4255fc5 - pull patches from git to fix some important issues: 
0001-BUG-MAJOR-fix-listening-IP-address-storage-for-front.patch
  0002-BUG-MINOR-fix-listening-IP-address-storage-for-front.patch
  0003-DOC-Fix-typo-so-fetch-is-properly-parsed-by-Cyril-s-.patch
  0004-BUG-MAJOR-http-fix-breakage-of-reqdeny-causing-rando.patch
  0005-BUG-MEDIUM-stick-tables-fix-breakage-in-table-conver.patch
  0006-BUG-MEDIUM-dns-unbreak-DNS-resolver-after-header-fix.patch
  0007-BUILD-fix-build-on-Solaris-11.patch
  0008-CLEANUP-connection-fix-double-negation-on-memcmp.patch
  0009-BUG-MEDIUM-stats-show-servers-state-may-show-an-serv.patch
  0010-BUG-MEDIUM-fix-risk-of-segfault-with-show-tls-keys.patch
  0011-BUG-MEDIUM-sticktables-segfault-in-some-configuratio.patch
  0012-BUG-MEDIUM-lua-converters-doesn-t-work.patch
  0013-BUG-MINOR-http-add-header-header-name-copied-twice.patch
  0014-BUG-MEDIUM-http-add-header-buffer-overwritten.patch

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=129
2016-06-09 12:56:55 +00:00

31 lines
964 B
Diff
Raw Blame History

From ff8957a6f44061594b0e2456de172b7c9f453a3f Mon Sep 17 00:00:00 2001
From: William Lallemand <wlallemand@haproxy.com>
Date: Fri, 20 May 2016 17:28:07 +0200
Subject: [PATCH 10/14] BUG/MEDIUM: fix risk of segfault with "show tls-keys"
The reference to the tls_keys_ref was not deleted from the
tlskeys_reference linked list.
When the SSL is malconfigured, it can lead to an access to freed memory
during a "show tls-keys" on the admin socked.
(cherry picked from commit 7bba4ccfb68b2fc0e76f51bcca7cdcb1388c4023)
---
src/cfgparse.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/cfgparse.c b/src/cfgparse.c
index b0f837e..7025b6a 100644
--- a/src/cfgparse.c
+++ b/src/cfgparse.c
@@ -8728,6 +8728,7 @@ out_uri_auth_compat:
if(bind_conf->keys_ref) {
free(bind_conf->keys_ref->filename);
free(bind_conf->keys_ref->tlskeys);
+ LIST_DEL(&bind_conf->keys_ref->list);
free(bind_conf->keys_ref);
}
#endif /* USE_OPENSSL */
--
2.6.6
View Git Blame Copy Permalink