From 7c564bfdd3498982b11669adbc4a99dcc04b5900 Mon Sep 17 00:00:00 2001
From: Amaury Denoyelle
Date: Mon, 24 Jan 2022 11:04:05 +0100
Subject: [PATCH] MINOR: ssl: fix build in release mode

Fix potential null pointer dereference. In fact, this case is not possible, only a mistake in SSL ex-data initialization may cause it : either connection is set or quic_conn, which allows to retrieve the bind_conf. A BUG_ON was already present but this does not cover release build.
---
 src/ssl_sock.c | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 1aa46d74f7..572fa76476 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -1537,7 +1537,12 @@ void ssl_sock_infocbk(const SSL *ssl, int where, int ret)
 else if (qc)
 ctx = qc->xprt_ctx;
 #endif /* USE_QUIC */
- BUG_ON(!ctx);
+
+ if (!ctx) {
+ /* must never happen */
+ ABORT_NOW();
+ return;
+ }
 
 #ifndef SSL_OP_NO_RENEGOTIATION
 /* Please note that BoringSSL defines this macro to zero so don't
@@ -2488,7 +2493,12 @@ int ssl_sock_switchctx_cbk(SSL *ssl, int *al, void *arg)
 else if (qc)
 s = qc->li->bind_conf;
 #endif /* USE_QUIC */
- BUG_ON(!s);
+
+ if (!s) {
+ /* must never happen */
+ ABORT_NOW();
+ return 0;
+ }
 
 #ifdef USE_QUIC
 if (qc) {
-- 
2.47.3
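Review bot: The new `if (!ctx)` guard in ssl_sock_infocbk carries only `/* must never happen */`, which says neither why the invariant holds nor why a `return` follows an abort. The commit message has the reason (either the connection or the quic_conn ex-data is always set), so I would put it in the code: `/* neither conn nor qc ex-data is set: SSL ex-data init bug */`, and mark the `return;` with `/* not reached; keeps release builds from seeing a NULL ctx below */`. Assuming ABORT_NOW() is unconditional (its definition is not in this diff), the change also turns a debug-only assertion into a process-wide abort inside a handshake callback in production builds, which is worth stating in the commit message. The same comment applies to the `if (!s)` guard in ssl_sock_switchctx_cbk; both function bodies continue outside their hunks.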
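Review bot: The fallback `return 0;` in the `if (!s)` branch of ssl_sock_switchctx_cbk is a bare literal whose meaning depends on which OpenSSL callback this function is registered as: 0 is `SSL_CLIENT_HELLO_ERROR` for a ClientHello callback but `SSL_TLSEXT_ERR_OK` for a servername callback. The hunk shows neither the registration nor whether `*al` is expected to be set on failure. The line should be unreachable after ABORT_NOW(), but if it were ever reached it ought to fail the handshake rather than continue with a NULL bind_conf. I would make that intent explicit, e.g. `return 0; /* not reached; 0 must mean handshake failure here */`, or jump to the function's existing error exit if it has one. The function body starts and ends outside the hunk, so this needs checking against the rest of it.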