From: Artem Boldariev <artem@boldariev.com>
Date: Tue, 22 Nov 2022 13:11:57 +0000 (+0200)
Subject: TLS: check for sock->recv_cb when handling received data
X-Git-Tag: v9.19.8~21^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bed5e2bb08ae04fba119cffe8dd2e3c32f96e8fa;p=thirdparty%2Fbind9.git

TLS: check for sock->recv_cb when handling received data

This commit adds a check if 'sock->recv_cb' might have been nullified
during the call to 'sock->recv_cb'. That could happen, e.g. by an
indirect call to 'isc_nmhandle_close()' from within the callback when
wrapping up.

In this case, let's close the TLS connection.
---

diff --git a/lib/isc/netmgr/tlsstream.c b/lib/isc/netmgr/tlsstream.c
index 1ac83f4c7ee..61fc304a8af 100644
--- a/lib/isc/netmgr/tlsstream.c
+++ b/lib/isc/netmgr/tlsstream.c
@@ -547,6 +547,20 @@ tls_do_bio(isc_nmsocket_t *sock, isc_region_t *received_data,
 				if (sock->statichandle == NULL) {
 					finish = true;
 					break;
+				} else if (sock->recv_cb == NULL) {
+					/*
+					 * The 'sock->recv_cb' might have been
+					 * nullified during the call to
+					 * 'sock->recv_cb'. That could happen,
+					 * e.g. by an indirect call to
+					 * 'isc_nmhandle_close()' from within
+					 * the callback when wrapping up.
+					 *
+					 * In this case, let's close the TLS
+					 * connection.
+					 */
+					finish = true;
+					break;
 				} else if (!sock->reading) {
 					/*
 					 * Reading has been paused from withing