Fix error handling in be_tls_open_server()

From: Sergey Shinderuk <s(dot)shinderuk(at)postgrespro(dot)ru>
To: PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Fix error handling in be_tls_open_server()
Date: 2023-08-01 14:44:13
Message-ID: 8db5374d-32e0-6abb-d402-40762511eff2@postgrespro.ru
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Hi,

A static analyzer reported a possible pfree(NULL) in
be_tls_open_server(). Here is a fix. Also handle an error from
X509_NAME_print_ex().

AFAICS, the error "SSL certificate's distinguished name contains
embedded null" could not be reached at all, because XN_FLAG_RFC2253
passed to X509_NAME_print_ex() ensures that null bytes are escaped.

Best regards,

--
Sergey Shinderuk https://postgrespro.com/

Attachment Content-Type Size
pfree-peer-cn-fix.diff text/plain 1.4 KB

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Robert Haas 2023-08-01 14:51:10 Re: pgsql: Fix search_path to a safe value during maintenance operations.
Previous Message Tristan Partin 2023-08-01 14:02:17 Re: BUG #17946: LC_MONETARY & DO LANGUAGE plperl - BUG