BUG/MEDIUM: quic: fix null deref on error path in qc_conn_init()

When ctx is NULL, we go to the "err" label, which could dereference it.
No backport is needed.

diff --git a/src/xprt_quic.c b/src/xprt_quic.c
index 68d0f60..fea9a01 100644 (file)
--- a/src/xprt_quic.c
+++ b/src/xprt_quic.c
@@ -4164,7 +4164,7 @@ static int qc_conn_init(struct connection *conn, void **xprt_ctx)
        return 0;
 
  err:
-       if (ctx->wait_event.tasklet)
+       if (ctx && ctx->wait_event.tasklet)
                tasklet_free(ctx->wait_event.tasklet);
        pool_free(pool_head_quic_conn_ctx, ctx);
        TRACE_DEVEL("leaving in error", QUIC_EV_CONN_NEW, conn);