1
0
mirror of https://github.com/moparisthebest/curl synced 2025-01-11 05:58:01 -05:00

http2: fix null pointer dereference in http2_connisdead

This function can get called on a connection that isn't setup enough to
have the 'recv_underlying' function pointer initialized so it would try
to call the NULL pointer.

Reported-by: Dario Weisser

Follow-up to db1b2c7fe9 (never shipped in a release)
Closes #2536
This commit is contained in:
Daniel Stenberg 2018-04-26 16:07:10 +02:00
parent 2ef1662e4b
commit 1d71ce845a
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2

View File

@ -202,8 +202,11 @@ static bool http2_connisdead(struct connectdata *conn)
only "protocol frames" */
CURLcode result;
struct http_conn *httpc = &conn->proto.httpc;
ssize_t nread = ((Curl_recv *)httpc->recv_underlying)(
conn, FIRSTSOCKET, httpc->inbuf, H2_BUFSIZE, &result);
ssize_t nread = -1;
if(httpc->recv_underlying)
/* if called "too early", this pointer isn't setup yet! */
nread = ((Curl_recv *)httpc->recv_underlying)(
conn, FIRSTSOCKET, httpc->inbuf, H2_BUFSIZE, &result);
if(nread != -1) {
infof(conn->data,
"%d bytes stray data read before trying h2 connection\n",