Fix Null pointer dereferences after rev.14913

on_unsupported_protocol with non-HTTP requests occurs without
an HTTP request object. Some ACLs will not be possible to check
but that is not a reason to crash.

 Detected by Coverity Scan. Issue 1394291.

diff --git a/src/client_side.cc b/src/client_side.cc
index 506867e9c23462d8e342630be0054ef363f8af4d..b45094d4c5c3f29d25cc3d79e7494ccc68bd1bff 100644 (file)
--- a/src/client_side.cc
+++ b/src/client_side.cc
@@ -3236,14 +3236,14 @@ ConnStateData::startPeekAndSplice()
     // This is the Step2 of the SSL bumping
     assert(sslServerBump);
     Http::StreamPointer context = pipeline.front();
-    ClientHttpRequest *http = context ? context->http : NULL;
+    ClientHttpRequest *http = context ? context->http : nullptr;
 
     if (sslServerBump->step == Ssl::bumpStep1) {
         sslServerBump->step = Ssl::bumpStep2;
         // Run a accessList check to check if want to splice or continue bumping
 
-        ACLFilledChecklist *acl_checklist = new ACLFilledChecklist(Config.accessList.ssl_bump, sslServerBump->request.getRaw(), NULL);
-        acl_checklist->al = http ? http->al : NULL;
+        ACLFilledChecklist *acl_checklist = new ACLFilledChecklist(Config.accessList.ssl_bump, sslServerBump->request.getRaw(), nullptr);
+        acl_checklist->al = http ? http->al : nullptr;
         //acl_checklist->src_addr = params.conn->remote;
         //acl_checklist->my_addr = s->s;
         acl_checklist->banAction(allow_t(ACCESS_ALLOWED, Ssl::bumpNone));
@@ -3275,7 +3275,7 @@ ConnStateData::startPeekAndSplice()
     int ret = 0;
     if ((ret = Squid_SSL_accept(this, NULL)) < 0) {
         debugs(83, 2, "SSL_accept failed.");
-        HttpRequest::Pointer request = http->request;
+        HttpRequest::Pointer request(http ? http->request : nullptr);
         if (!clientTunnelOnError(this, context, request, HttpRequestMethod(), ERR_SECURE_ACCEPT_FAIL))
             clientConnection->close();
         return;