]> git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
projects / thirdparty / haproxy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b9ce14e)
MINOR: quic: Fix potential null pointer dereference
authorFrédéric Lécaille <flecaille@haproxy.com>
Mon, 8 Nov 2021 10:23:17 +0000 (11:23 +0100)
committerAmaury Denoyelle <adenoyelle@haproxy.com>
Mon, 8 Nov 2021 10:31:12 +0000 (11:31 +0100)
Fix compilation warnings about non initialized pointers.

This partially address #1445 github issue.

src/quic_sock.c patch | blob | blame | history
src/xprt_quic.c patch | blob | blame | history

diff --git a/src/quic_sock.c b/src/quic_sock.c
index 875779d91333a2c8a2d4b4bb7322342e611875f0..bb6cb6150ddfae542dcb88f12b3aab402a277ed1 100644 (file)
--- a/src/quic_sock.c
+++ b/src/quic_sock.c
@@ -178,7 +178,7 @@ void quic_sock_fd_iocb(int fd)
        struct rxbuf *rxbuf;
        struct buffer *buf;
        struct listener *l = objt_listener(fdtab[fd].owner);
-       struct quic_transport_params *params = &l->bind_conf->quic_params;
+       struct quic_transport_params *params;
        /* Source address */
        struct sockaddr_storage saddr = {0};
        size_t max_sz;
@@ -186,11 +186,18 @@ void quic_sock_fd_iocb(int fd)
 
        BUG_ON(!l);
 
+       if (!l)
+               return;
+
        if (!(fdtab[fd].state & FD_POLL_IN) || !fd_recv_ready(fd))
                return;
 
        rxbuf = MT_LIST_POP(&l->rx.rxbuf_list, typeof(rxbuf), mt_list);
        buf = &rxbuf->buf;
+       if (!buf)
+               goto out;
+
+       params = &l->bind_conf->quic_params;
        max_sz = params->max_udp_payload_size;
        if (b_contig_space(buf) < max_sz) {
                /* Note that when we enter this function, <buf> is always empty */
diff --git a/src/xprt_quic.c b/src/xprt_quic.c
index 09722c063af96b604c74dc2b23556bdec59852e1..0fdc7aa8297e90790c23a6167a0b2af9e73da28b 100644 (file)
--- a/src/xprt_quic.c
+++ b/src/xprt_quic.c
@@ -3309,6 +3309,7 @@ static ssize_t qc_srv_pkt_rcv(unsigned char **buf, const unsigned char *end,
        struct quic_enc_level *qel;
 
        qc = NULL;
+       qel = NULL;
        TRACE_ENTER(QUIC_EV_CONN_SPKT);
        if (end <= *buf)
                goto err;
@@ -3461,6 +3462,7 @@ static ssize_t qc_lstnr_pkt_rcv(unsigned char **buf, const unsigned char *end,
 
        qc = NULL;
        conn_ctx = NULL;
+       qel = NULL;
        TRACE_ENTER(QUIC_EV_CONN_LPKT, NULL, pkt);
        if (end <= *buf)
                goto err;
Mirror of https://github.com/haproxy/haproxy.git