Hi guys,
The attached patch fixes a potential use after free, if for some reason we
failed to get the address of a transfered socket.
It should be fairly safe to apply.
Regards,
Olivier
>From 6fa0e381b38d3a9a3d29e59cbcca34fb1d375e3e Mon Sep 17 00:00:00 2001
From: Olivier Houchard <ohouch...@haproxy.com>
Date: Mon, 17 Jul 2017 17:25:33 +0200
Subject: [PATCH] BUG/MINOR: Prevent a use-after-free on error scenario.
---
src/haproxy.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/haproxy.c b/src/haproxy.c
index 23161007..7af1092d 100644
--- a/src/haproxy.c
+++ b/src/haproxy.c
@@ -997,6 +997,7 @@ static int get_old_sockets(const char *unixsocket)
if (getsockname(fd, (struct sockaddr *)&xfer_sock->addr,
&socklen) != 0) {
Warning("Failed to get socket address\n");
free(xfer_sock);
+ xfer_sock = NULL;
continue;
}
if (curoff >= maxoff) {
--
2.13.3
