| From: | Sergey Shinderuk <s(dot)shinderuk(at)postgrespro(dot)ru> |
|---|---|
| To: | PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Fix error handling in be_tls_open_server() |
| Date: | 2023-08-01 14:44:13 |
| Message-ID: | 8db5374d-32e0-6abb-d402-40762511eff2@postgrespro.ru |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi,
A static analyzer reported a possible pfree(NULL) in
be_tls_open_server(). Here is a fix. Also handle an error from
X509_NAME_print_ex().
AFAICS, the error "SSL certificate's distinguished name contains
embedded null" could not be reached at all, because XN_FLAG_RFC2253
passed to X509_NAME_print_ex() ensures that null bytes are escaped.
Best regards,
--
Sergey Shinderuk https://postgrespro.com/
| Attachment | Content-Type | Size |
|---|---|---|
| pfree-peer-cn-fix.diff | text/plain | 1.4 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2023-08-01 14:51:10 | Re: pgsql: Fix search_path to a safe value during maintenance operations. |
| Previous Message | Tristan Partin | 2023-08-01 14:02:17 | Re: BUG #17946: LC_MONETARY & DO LANGUAGE plperl - BUG |