From 6321a533e9ec6245f9afac859a480f5868417e85 Mon Sep 17 00:00:00 2001 From: reyk Date: Sat, 3 Jan 2015 23:54:25 +0000 Subject: [PATCH] Reset tls key and cert to NULL when duplicating a server - avoids a possible double free in the error path of the parser. Found by + OK doug@ --- usr.sbin/httpd/parse.y | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/usr.sbin/httpd/parse.y b/usr.sbin/httpd/parse.y index 860c2ae7c3a..e8f9b1016d2 100644 --- a/usr.sbin/httpd/parse.y +++ b/usr.sbin/httpd/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.48 2015/01/03 16:20:31 reyk Exp $ */ +/* $OpenBSD: parse.y,v 1.49 2015/01/03 23:54:25 reyk Exp $ */ /* * Copyright (c) 2007 - 2014 Reyk Floeter @@ -1740,6 +1740,8 @@ server_inherit(struct server *src, const char *name, if ((dst->srv_conf.tls_key_file = strdup(src->srv_conf.tls_key_file)) == NULL) fatal("out of memory"); + dst->srv_conf.tls_cert = NULL; + dst->srv_conf.tls_key = NULL; dst->srv_conf.id = ++last_server_id; if (last_server_id == INT_MAX) { -- 2.20.1