BUG/MINOR: quic: fix crash on handshake io-cb for null next enc level

When arriving at the handshake completion, next encryption level will be
null on quic_conn_io_cb(). Thus this must be check this before
dereferencing it via qc_need_sending() to prevent a crash.

This was reproduced quickly when browsing over a local nextcloud
instance through QUIC with firefox.

This has been introduced in the current dev with quic-conn Tx
refactoring. No need to backport it.

diff --git a/src/xprt_quic.c b/src/xprt_quic.c
index 076d93699bbbb97bbc213bfbf242ad30328a9d17..87396ea15b68b943e8992b74dc248136de836fbf 100644 (file)
--- a/src/xprt_quic.c
+++ b/src/xprt_quic.c
@@ -3961,8 +3961,10 @@ struct task *quic_conn_io_cb(struct task *t, void *context, unsigned int state)
        if (!quic_get_tls_enc_levels(&tel, &next_tel, st, 0))
                goto err;
 
-       if (!qc_need_sending(qc, qel) && !qc_need_sending(qc, next_qel))
+       if (!qc_need_sending(qc, qel) &&
+           (!next_qel || !qc_need_sending(qc, next_qel))) {
                goto skip_send;
+       }
 
        buf = qc_txb_alloc(qc);
        if (!buf)