BUG/MINOR: ssl: check conn in keylog sample fetch Add a check on the conn pointer to avoid a NULL dereference in smp_fetch_ssl_x_keylog(). The problem is not suppose to happen because the function is only used for the frontend at the moment. Introduced by 7d42ef5, 2.2 only. Fix issue #733.

commit: eec1d45f9dd352c230ba043d840ca4c39149f357 [log] [tgz]
author: William Lallemand <wlallemand@haproxy.com> Tue Jul 07 10:48:13 2020 +0200
committer: William Lallemand <wlallemand@haproxy.org> Tue Jul 07 10:48:13 2020 +0200
tree: b85f6c7f7b951bbb9d97c3f5bc3d0f871310f11d
parent: d742b6caf79d3f38e29d3c68a47d2288435b2cad [diff]
diff --git a/src/ssl_sample.c b/src/ssl_sample.c
index 843554c..e53c088 100644
--- a/src/ssl_sample.c
+++ b/src/ssl_sample.c

@@ -1121,6 +1121,9 @@
 	conn = (kw[4] != 'b') ? objt_conn(smp->sess->origin) :
 	       smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
 
+	if (!conn)
+		return 0;
+
 	if (conn->flags & CO_FL_WAIT_XPRT) {
 		smp->flags |= SMP_F_MAY_CHANGE;
 		return 0;
commit	eec1d45f9dd352c230ba043d840ca4c39149f357	[log] [tgz]
author	William Lallemand <wlallemand@haproxy.com>	Tue Jul 07 10:48:13 2020 +0200
committer	William Lallemand <wlallemand@haproxy.org>	Tue Jul 07 10:48:13 2020 +0200
tree	b85f6c7f7b951bbb9d97c3f5bc3d0f871310f11d
parent	d742b6caf79d3f38e29d3c68a47d2288435b2cad [diff]