From ff8957a6f44061594b0e2456de172b7c9f453a3f Mon Sep 17 00:00:00 2001 From: William Lallemand Date: Fri, 20 May 2016 17:28:07 +0200 Subject: BUG/MEDIUM: fix risk of segfault with "show tls-keys" The reference to the tls_keys_ref was not deleted from the tlskeys_reference linked list. When the SSL is malconfigured, it can lead to an access to freed memory during a "show tls-keys" on the admin socked. (cherry picked from commit 7bba4ccfb68b2fc0e76f51bcca7cdcb1388c4023) --- src/cfgparse.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/cfgparse.c b/src/cfgparse.c index b0f837e..7025b6a 100644 --- a/src/cfgparse.c +++ b/src/cfgparse.c @@ -8728,6 +8728,7 @@ out_uri_auth_compat: if(bind_conf->keys_ref) { free(bind_conf->keys_ref->filename); free(bind_conf->keys_ref->tlskeys); + LIST_DEL(&bind_conf->keys_ref->list); free(bind_conf->keys_ref); } #endif /* USE_OPENSSL */ -- 1.7.12.1