From 7deb28ce6510bbc764eddd4e381cb7268792254a Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Mon, 10 May 2021 07:40:27 +0200 Subject: [PATCH] BUG/MEDIUM: quic: fix null deref on error path in qc_conn_init() When ctx is NULL, we go to the "err" label, which could dereference it. No backport is needed. --- src/xprt_quic.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/xprt_quic.c b/src/xprt_quic.c index 68d0f60..fea9a01 100644 --- a/src/xprt_quic.c +++ b/src/xprt_quic.c @@ -4164,7 +4164,7 @@ static int qc_conn_init(struct connection *conn, void **xprt_ctx) return 0; err: - if (ctx->wait_event.tasklet) + if (ctx && ctx->wait_event.tasklet) tasklet_free(ctx->wait_event.tasklet); pool_free(pool_head_quic_conn_ctx, ctx); TRACE_DEVEL("leaving in error", QUIC_EV_CONN_NEW, conn); -- 1.7.10.4