BUG/MINOR: ssl: Potential NULL deref in trace macro

'ctx' might be NULL when we exit 'ssl_sock_handshake', it can't be
dereferenced without check in the trace macro.

This was found by Coverity andraised in GitHub #3113.
This patch should be backported up to 3.2.

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index b973a3967ee9f73835a413514bedf525072ba81e..c6bfcf5e330ae8f4da603913713268f9f95ea333 100644 (file)
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -5909,7 +5909,7 @@ reneg_ok:
        if (!conn->err_code)
                conn->err_code = CO_ER_SSL_HANDSHAKE;
 
-       TRACE_ERROR("handshake error", SSL_EV_CONN_HNDSHK|SSL_EV_CONN_ERR, conn, ctx->ssl, &conn->err_code, &ctx->error_code);
+       TRACE_ERROR("handshake error", SSL_EV_CONN_HNDSHK|SSL_EV_CONN_ERR, conn, ctx->ssl, &conn->err_code, (ctx ? &ctx->error_code : NULL));
        return 0;
 }