BUG/MINOR: connection: avoid null pointer dereference in send-proxy-v2
found by coverity.
[wt: this bug was introduced by commit 404d978 ("MINOR: add ALPN
information to send-proxy-v2"). It might be triggered by a health
check on a server using ppv2 or by an applet making use of such a
server, if at all configurable].
This needs to be backported to 1.8.
diff --git a/src/connection.c b/src/connection.c
index 06e1ed8..c0da874 100644
--- a/src/connection.c
+++ b/src/connection.c
@@ -996,6 +996,7 @@
return 0;
}
+/* Note: <remote> is explicitly allowed to be NULL */
int make_proxy_line(char *buf, int buf_len, struct server *srv, struct connection *remote)
{
int ret = 0;
@@ -1107,6 +1108,7 @@
return length + sizeof(*tlv);
}
+/* Note: <remote> is explicitly allowed to be NULL */
int make_proxy_line_v2(char *buf, int buf_len, struct server *srv, struct connection *remote)
{
const char pp2_signature[] = PP2_SIGNATURE;
@@ -1191,7 +1193,7 @@
ret += make_tlv(&buf[ret], (buf_len - ret), PP2_TYPE_CRC32C, sizeof(zero_crc32c), (const char *)&zero_crc32c);
}
- if (conn_get_alpn(remote, &value, &value_len)) {
+ if (remote && conn_get_alpn(remote, &value, &value_len)) {
if ((buf_len - ret) < sizeof(struct tlv))
return 0;
ret += make_tlv(&buf[ret], (buf_len - ret), PP2_TYPE_ALPN, value_len, value);