BUG/MINOR: ssl/cli: potential null pointer dereference in "set ssl cert"

A potential null pointer dereference was reported with an old gcc
version (6.5)

    src/ssl_ckch.c: In function 'cli_parse_set_cert':
    src/ssl_ckch.c:838:7: error: potential null pointer dereference [-Werror=null-dereference]
      if (!ssl_sock_copy_cert_key_and_chain(src->ckch, dst->ckch))
           ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    src/ssl_ckch.c:838:7: error: potential null pointer dereference [-Werror=null-dereference]
    src/ssl_ckch.c: In function 'ckchs_dup':
    src/ssl_ckch.c:838:7: error: potential null pointer dereference [-Werror=null-dereference]
      if (!ssl_sock_copy_cert_key_and_chain(src->ckch, dst->ckch))
           ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    src/ssl_ckch.c:838:7: error: potential null pointer dereference [-Werror=null-dereference]
    cc1: all warnings being treated as errors

This case does not actually happen but it's better to fix the ckch API
with a NULL check.

Could be backported as far as 2.1.

diff --git a/src/ssl_ckch.c b/src/ssl_ckch.c
index 8aa29bd22e011190ece5882283b2e53b2a4f8c9f..174ab0a96c12d11a6f9c363b2745e3241c185fd9 100644 (file)
--- a/src/ssl_ckch.c
+++ b/src/ssl_ckch.c
@@ -662,6 +662,9 @@ void ssl_sock_free_cert_key_and_chain_contents(struct cert_key_and_chain *ckch)
 struct cert_key_and_chain *ssl_sock_copy_cert_key_and_chain(struct cert_key_and_chain *src,
                                                                    struct cert_key_and_chain *dst)
 {
+       if (!src || !dst)
+               return NULL;
+
        if (src->cert) {
                dst->cert = src->cert;
                X509_up_ref(src->cert);
@@ -833,6 +836,9 @@ struct ckch_store *ckchs_dup(const struct ckch_store *src)
 {
        struct ckch_store *dst;
 
+       if (!src)
+               return NULL;
+
        dst = ckch_store_new(src->path);
 
        if (!ssl_sock_copy_cert_key_and_chain(src->ckch, dst->ckch))