This is an automated email from the ASF dual-hosted git repository. bcall pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push: new 544c64147b coverity 1497349: use after free (#9807) 544c64147b is described below commit 544c64147b255db6f0c455bdfe11bf81c1392904 Author: Bryan Call <bc...@apache.org> AuthorDate: Fri Jun 9 08:40:18 2023 -0700 coverity 1497349: use after free (#9807) Switched to use a unique name instead of freeing the pointer and reuseing the old variable name. Looks like a false positive. --- iocore/net/SSLConfig.cc | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/iocore/net/SSLConfig.cc b/iocore/net/SSLConfig.cc index 7a5f4629ae..884c71e827 100644 --- a/iocore/net/SSLConfig.cc +++ b/iocore/net/SSLConfig.cc @@ -486,15 +486,16 @@ SSLConfigParams::initialize() // ++++++++++++++++++++++++ Client part ++++++++++++++++++++ client_verify_depth = 7; - char *verify_server = nullptr; - REC_ReadConfigStringAlloc(verify_server, "proxy.config.ssl.client.verify.server.policy"); - this->SetServerPolicy(verify_server); - ats_free(verify_server); + char *verify_server_policy = nullptr; + REC_ReadConfigStringAlloc(verify_server_policy, "proxy.config.ssl.client.verify.server.policy"); + this->SetServerPolicy(verify_server_policy); + ats_free(verify_server_policy); REC_RegisterConfigUpdateFunc("proxy.config.ssl.client.verify.server.policy", UpdateServerPolicy, nullptr); - REC_ReadConfigStringAlloc(verify_server, "proxy.config.ssl.client.verify.server.properties"); - this->SetServerPolicyProperties(verify_server); - ats_free(verify_server); + char *verify_server_properties = nullptr; + REC_ReadConfigStringAlloc(verify_server_properties, "proxy.config.ssl.client.verify.server.properties"); + this->SetServerPolicyProperties(verify_server_properties); + ats_free(verify_server_properties); REC_RegisterConfigUpdateFunc("proxy.config.ssl.client.verify.server.properties", UpdateServerPolicyProperties, nullptr); ssl_client_cert_filename = nullptr;