From: Daniel Stenberg <daniel@haxx.se>
Date: Fri, 28 Nov 2025 22:59:23 +0000 (+0100)
Subject: rustls: verify that verifier_builder is not NULL
X-Git-Tag: rc-8_18_0-1~88
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=db32c0721f9cfbefe6a42b828ef7bfc4b40f71ac;p=thirdparty%2Fcurl.git

rustls: verify that verifier_builder is not NULL

Since this function returns allocated resources there is probably at
least a theoretical risk this can return NULL.

Pointed out by ZeroPath

Closes #19756
---

diff --git a/lib/vtls/rustls.c b/lib/vtls/rustls.c
index e4251a9151..0c13cc81ee 100644
--- a/lib/vtls/rustls.c
+++ b/lib/vtls/rustls.c
@@ -750,6 +750,10 @@ init_config_builder_verifier(struct Curl_easy *data,
   }
 
   verifier_builder = rustls_web_pki_server_cert_verifier_builder_new(roots);
+  if(!verifier_builder) {
+    result = CURLE_OUT_OF_MEMORY;
+    goto cleanup;
+  }
 
   if(conn_config->CRLfile) {
     result = init_config_builder_verifier_crl(data,