Fix error handling in be_tls_open_server()
Sergey Shinderuk <s.shinderuk@postgrespro.ru>
From: Sergey Shinderuk <s.shinderuk@postgrespro.ru>
To: PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Date: 2023-08-01T14:44:13Z
Lists: pgsql-hackers
Attachments
- pfree-peer-cn-fix.diff (text/plain) patch
Hi, A static analyzer reported a possible pfree(NULL) in be_tls_open_server(). Here is a fix. Also handle an error from X509_NAME_print_ex(). AFAICS, the error "SSL certificate's distinguished name contains embedded null" could not be reached at all, because XN_FLAG_RFC2253 passed to X509_NAME_print_ex() ensures that null bytes are escaped. Best regards, -- Sergey Shinderuk https://postgrespro.com/
Commits
-
Avoid potential pfree on NULL on OpenSSL errors
- f720875a4670 16.1 landed
- 9dc85806d8be 15.5 landed
- 5f3aa309a880 17.0 landed