Hi guys, The attached patch fixes a potential use after free, if for some reason we failed to get the address of a transfered socket. It should be fairly safe to apply.
Regards, Olivier
>From 6fa0e381b38d3a9a3d29e59cbcca34fb1d375e3e Mon Sep 17 00:00:00 2001 From: Olivier Houchard <ohouch...@haproxy.com> Date: Mon, 17 Jul 2017 17:25:33 +0200 Subject: [PATCH] BUG/MINOR: Prevent a use-after-free on error scenario. --- src/haproxy.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/haproxy.c b/src/haproxy.c index 23161007..7af1092d 100644 --- a/src/haproxy.c +++ b/src/haproxy.c @@ -997,6 +997,7 @@ static int get_old_sockets(const char *unixsocket) if (getsockname(fd, (struct sockaddr *)&xfer_sock->addr, &socklen) != 0) { Warning("Failed to get socket address\n"); free(xfer_sock); + xfer_sock = NULL; continue; } if (curoff >= maxoff) { -- 2.13.3