From: Remi Tricot-Le Breton <rlebreton@haproxy.com>
Date: Fri, 10 Oct 2025 12:16:31 +0000 (+0200)
Subject: BUG/MINOR: ssl: Potential NULL deref in trace macro
X-Git-Tag: v3.3-dev10~21
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6f4ca37880757032baee7e6790a1b173f7708b05;p=thirdparty%2Fhaproxy.git

BUG/MINOR: ssl: Potential NULL deref in trace macro

'ctx' might be NULL when we exit 'ssl_sock_handshake', it can't be
dereferenced without check in the trace macro.

This was found by Coverity andraised in GitHub #3113.
This patch should be backported up to 3.2
---

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 13339fa1b..1d40c1105 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -5943,7 +5943,7 @@ reneg_ok:
 	if (!conn->err_code)
 		conn->err_code = CO_ER_SSL_HANDSHAKE;
 
-	TRACE_ERROR("handshake error", SSL_EV_CONN_HNDSHK|SSL_EV_CONN_ERR, conn, ctx->ssl, &conn->err_code, (ctx ? &ctx->error_code : NULL));
+	TRACE_ERROR("handshake error", SSL_EV_CONN_HNDSHK|SSL_EV_CONN_ERR, conn, (ctx ? ctx->ssl : NULL), &conn->err_code, (ctx ? &ctx->error_code : NULL));
 	return 0;
 }