Mercurial > hg > nginx

changeset 7454:e72c8a8a8b10

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
SSL: separate checks for errors in ngx_ssl_read_password_file(). Checking multiple errors at once is a bad practice, as in general it is not guaranteed that an object can be used after the error. In this particular case, checking errors after multiple allocations can result in excessive errors being logged when there is no memory available.
author Maxim Dounin <mdounin@mdounin.ru>
date Thu, 31 Jan 2019 19:36:51 +0300
parents 873150addfeb
children 992bf7540a98
files src/event/ngx_event_openssl.c
diffstat 1 files changed, 6 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -947,10 +947,13 @@ ngx_ssl_read_password_file(ngx_conf_t *c
         return NULL;
     }
 
+    passwords = ngx_array_create(cf->temp_pool, 4, sizeof(ngx_str_t));
+    if (passwords == NULL) {
+        return NULL;
+    }
+
     cln = ngx_pool_cleanup_add(cf->temp_pool, 0);
-    passwords = ngx_array_create(cf->temp_pool, 4, sizeof(ngx_str_t));
-
-    if (cln == NULL || passwords == NULL) {
+    if (cln == NULL) {
         return NULL;
     }