Re: Fix error handling in be_tls_open_server()
Daniel Gustafsson <daniel@yesql.se>
From: Daniel Gustafsson <daniel@yesql.se>
To: Sergey Shinderuk <s.shinderuk@postgrespro.ru>
Cc: PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Date: 2023-08-23T13:23:20Z
Lists: pgsql-hackers
Attachments
- X509_NAME_get_text_by_NID.diff (application/octet-stream) patch
> On 1 Aug 2023, at 16:44, Sergey Shinderuk <s.shinderuk@postgrespro.ru> wrote: > A static analyzer reported a possible pfree(NULL) in be_tls_open_server(). This has the smell of a theoretical problem, I can't really imagine a certificate where which would produce this. Have you been able to trigger it? Wouldn't a better fix be to error out on len == -1 as in the attached, maybe with a "Shouldn't happen" comment? -- Daniel Gustafsson
Commits
-
Avoid potential pfree on NULL on OpenSSL errors
- f720875a4670 16.1 landed
- 9dc85806d8be 15.5 landed
- 5f3aa309a880 17.0 landed