From: Amos Jeffries Date: Sat, 19 Nov 2016 16:06:10 +0000 (+1300) Subject: Fix Null pointer dereferences after rev.14913 X-Git-Tag: SQUID_4_0_17~16 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=0dd8cdf9a56d4b53178b002bd6dd747bf8e8c878;p=thirdparty%2Fsquid.git Fix Null pointer dereferences after rev.14913 on_unsupported_protocol with non-HTTP requests occurs without an HTTP request object. Some ACLs will not be possible to check but that is not a reason to crash. Detected by Coverity Scan. Issue 1394291. --- diff --git a/src/client_side.cc b/src/client_side.cc index 506867e9c2..b45094d4c5 100644 --- a/src/client_side.cc +++ b/src/client_side.cc @@ -3236,14 +3236,14 @@ ConnStateData::startPeekAndSplice() // This is the Step2 of the SSL bumping assert(sslServerBump); Http::StreamPointer context = pipeline.front(); - ClientHttpRequest *http = context ? context->http : NULL; + ClientHttpRequest *http = context ? context->http : nullptr; if (sslServerBump->step == Ssl::bumpStep1) { sslServerBump->step = Ssl::bumpStep2; // Run a accessList check to check if want to splice or continue bumping - ACLFilledChecklist *acl_checklist = new ACLFilledChecklist(Config.accessList.ssl_bump, sslServerBump->request.getRaw(), NULL); - acl_checklist->al = http ? http->al : NULL; + ACLFilledChecklist *acl_checklist = new ACLFilledChecklist(Config.accessList.ssl_bump, sslServerBump->request.getRaw(), nullptr); + acl_checklist->al = http ? http->al : nullptr; //acl_checklist->src_addr = params.conn->remote; //acl_checklist->my_addr = s->s; acl_checklist->banAction(allow_t(ACCESS_ALLOWED, Ssl::bumpNone)); @@ -3275,7 +3275,7 @@ ConnStateData::startPeekAndSplice() int ret = 0; if ((ret = Squid_SSL_accept(this, NULL)) < 0) { debugs(83, 2, "SSL_accept failed."); - HttpRequest::Pointer request = http->request; + HttpRequest::Pointer request(http ? http->request : nullptr); if (!clientTunnelOnError(this, context, request, HttpRequestMethod(), ERR_SECURE_ACCEPT_FAIL)) clientConnection->close(); return;