From: Maxim Dounin Date: Thu, 31 Jan 2019 16:36:51 +0000 (+0300) Subject: SSL: separate checks for errors in ngx_ssl_read_password_file(). X-Git-Tag: release-1.15.9~14 X-Git-Url: http://git.kaiwu.me/postgresql/log/contrib/postgres_fdw/postgres_fdw.c?a=commitdiff_plain;h=f7d53c4ae4cf126570bc8290773eb84671632aac;p=nginx.git SSL: separate checks for errors in ngx_ssl_read_password_file(). Checking multiple errors at once is a bad practice, as in general it is not guaranteed that an object can be used after the error. In this particular case, checking errors after multiple allocations can result in excessive errors being logged when there is no memory available. --- diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c index 7002059c6..aa5ccdd33 100644 --- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -947,10 +947,13 @@ ngx_ssl_read_password_file(ngx_conf_t *cf, ngx_str_t *file) return NULL; } - cln = ngx_pool_cleanup_add(cf->temp_pool, 0); passwords = ngx_array_create(cf->temp_pool, 4, sizeof(ngx_str_t)); + if (passwords == NULL) { + return NULL; + } - if (cln == NULL || passwords == NULL) { + cln = ngx_pool_cleanup_add(cf->temp_pool, 0); + if (cln == NULL) { return NULL; }