From ba303deadc3249e6df111c70eab23007244ed0bb Mon Sep 17 00:00:00 2001
From: Amaury Denoyelle
Date: Mon, 17 Oct 2022 18:46:49 +0200
Subject: [PATCH] BUILD: ssl_sock: fix null dereference for QUIC build
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

A previous commit tries to fix uninitialized GCC warning on ssl code for QUIC build. See the fix here : 48e46f98ccf97427995eb41c6f28cc38705bdd7e BUILD: ssl_sock: bind_conf uninitialized in ssl_sock_bind_verifycbk() However, this is incomplete as it still reports possible NULL dereference on ctx variable (GCC v12.2.0). Here is the compilation result : src/ssl_sock.c: In function ‘ssl_sock_bind_verifycbk’: src/ssl_sock.c:1739:12: error: potential null pointer dereference [-Werror=null-dereference] 1739 | ctx->xprt_st |= SSL_SOCK_ST_FL_VERIFY_DONE; | To fix this, remove check on qc which can also never happens and replace it with a BUG_ON. This seems to satisfy GCC on my machine. This must be backported up to 2.6.
---
 src/ssl_sock.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index fbf4ee6a35..4a16f6f0cc 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -1727,10 +1727,9 @@ int ssl_sock_bind_verifycbk(int ok, X509_STORE_CTX *x_store)
 #ifdef USE_QUIC
 else {
 qc = SSL_get_ex_data(ssl, ssl_qc_app_data_index);
- if (qc) {
- bind_conf = qc->li->bind_conf;
- ctx = qc->xprt_ctx;
- }
+ BUG_ON(!qc); /* Must never happen */
+ bind_conf = qc->li->bind_conf;
+ ctx = qc->xprt_ctx;
 }
#endif
-- 
2.47.3
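Review bot: The added `BUG_ON(!qc);` turns what was a guarded fall-through into an unconditional dereference on the very next line, `bind_conf = qc->li->bind_conf;`, so the behaviour for a NULL qc now depends on how BUG_ON is compiled in the target build; if it expands to a no-op in some configurations, a NULL qc becomes a plain NULL-pointer crash in the verify callback rather than reaching whatever later check handled the unset ctx/bind_conf, and that should be confirmed before backporting to 2.6 as the message proposes. The comment `/* Must never happen */` gives no reason a future reader could check; since the commit message ties the change to the GCC 12 -Wnull-dereference error on ctx, I would record that in place: `/* Must never happen: a QUIC SSL object always carries its qc in ex_data; the NULL guard was dropped because GCC 12 (-Wnull-dereference) then flagged ctx as possibly NULL below. */`. The same reasoning presumably applies to `qc->li`, which is dereferenced without a check both before and after this change; if li can be unset at verify time that is worth a note too. The enclosing function ssl_sock_bind_verifycbk starts and ends outside the hunk, so the later use of ctx that GCC complained about is not visible here.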