This defect was found by the coccinelle script "unchecked-strdup.cocci". It can be backported to all supported branches. --- src/ssl_crtlist.c | 4 ++++ 1 file changed, 4 insertions(+)
diff --git a/src/ssl_crtlist.c b/src/ssl_crtlist.c index 71fa0a0b1..7d2b1ed12 100644 --- a/src/ssl_crtlist.c +++ b/src/ssl_crtlist.c @@ -608,6 +608,10 @@ int crtlist_parse_file(char *file, struct bind_conf *bind_conf, struct proxy *cu found++; free(cc.crt); cc.crt = strdup(crt_path); + if (cc.crt == NULL) { + cfgerr |= ERR_ALERT | ERR_FATAL; + goto error; + } ckchs = ckch_store_new_load_files_conf(crt_path, &cc, err); if (ckchs == NULL) { cfgerr |= ERR_ALERT | ERR_FATAL; -- 2.47.0