BUG/MINOR: listener: fix potential null pointer dereference in listener_release()

As reported by @Bbulatov on GH #2804, fe is found at multiple places in
listener_release(): in some places it is first checked against NULL before
being de-referenced while in some other places it is not, which is
ambiguous and could hide a bug.

In practise, fe cannot be NULL for now, but it might not be the case in
the future as we want to keep the possibility to run isolated listeners
(that is, without proxy attached).

We've already ensured this was the case with a57786e ("BUG/MINOR:
listener: null pointer dereference suspected by coverity"), but
this promise was recently broken by 65ae134 ("BUG/MINOR: listener: Wake
proxy's mngmt task up if necessary on session release").

Let's fix that by conditionning the block with an "else if" statement
instead of a regular "else".

No need for backport except if multi-connection protocols (ie: FTP) were
to be backported as well.

diff --git a/src/listener.c b/src/listener.c
index 7518f34ad280ab824b3277b3ae2fa918b09572d4..5f3a98b4a8b444ae04616c6e19da45901518b06d 100644 (file)
--- a/src/listener.c
+++ b/src/listener.c
@@ -1622,7 +1622,7 @@ void listener_release(struct listener *l)
        if (fe && !MT_LIST_ISEMPTY(&fe->listener_queue) &&
            (!fe->fe_sps_lim || freq_ctr_remain(&fe->fe_counters.sess_per_sec, fe->fe_sps_lim, 0) > 0))
                dequeue_proxy_listeners(fe, 0);
-       else {
+       else if (fe) {
                unsigned int wait;
                int expire = TICK_ETERNITY;