BUG/MINOR: http_htx: fix null deref in http-errors config check
authorAmaury Denoyelle <adenoyelle@haproxy.com>
Mon, 23 Mar 2026 12:50:17 +0000 (13:50 +0100)
committerAmaury Denoyelle <adenoyelle@haproxy.com>
Mon, 23 Mar 2026 12:55:48 +0000 (13:55 +0100)
http-errors parsing has been refactored in a recent series of patches.
However, a null deref was introduced by the following patch in case a
non-existent http-errors section is referenced by an "errorfiles"
directive.

  commit 2ca7601c2d6781f455cf205e4f3b52f5beb16e41
  MINOR/OPTIM: http_htx: lookup once http_errors section on check/init

Fix this by delaying ha_free() so that it is called after ha_alert().

No need to backport.

src/http_htx.c

index dc18735e3b1c85599f9e60d35e652b8b37eab920..bd550be9839bdad431c3b8080ab701234b03656e 100644 (file)
@@ -2352,15 +2352,16 @@ int proxy_check_http_errors(struct proxy *px)
                                }
                        }
 
-                       ha_free(&conf_err->type.section.name);
                        if (!section_found) {
                                ha_alert("proxy '%s': unknown http-errors section '%s' (at %s:%d).\n",
                                         px->id, conf_err->type.section.name, conf_err->file, conf_err->line);
+                               ha_free(&conf_err->type.section.name);
                                err |= ERR_ALERT | ERR_FATAL;
                                continue;
                        }
 
                        conf_err->type.section.resolved = http_errs;
+                       ha_free(&conf_err->type.section.name);
 
                        for (rc = 0; rc < HTTP_ERR_SIZE; rc++) {
                                if (conf_err->type.section.status[rc] == HTTP_ERR_IMPORT_EXPLICIT &&
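Review bot: The ordering constraint this fix restores is not written down in the new code. The `ha_free()` added inside `if (!section_found)` has to follow `ha_alert()` because the alert formats `conf_err->type.section.name` with `%s`, and with the release now duplicated on both paths, a later cleanup could easily merge the two calls back above the branch. A one-line comment on the first added free would pin it, e.g. `/* name is still read by ha_alert() above; release it only after reporting */`. It is also worth confirming that nothing further down the loop body reads `section.name` after the second free; that cannot be checked here because `proxy_check_http_errors()` starts and ends outside the hunk.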