From 9d1171693361622762dd078d7a1a7236d84f838e Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Sun, 15 Jul 2012 20:31:37 +0200
Subject: [PATCH] multi_runsingle: added precaution against easy_conn NULL
 pointer

In many states the easy_conn pointer is referenced and just assumed to
be working. This is an added extra check since analyzing indicates
there's a risk we can end up in these states with a NULL pointer there.
---
 lib/multi.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/lib/multi.c b/lib/multi.c
index f4e15c413..ff43378f5 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -984,6 +984,16 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
       break;
     }
 
+    if(!easy->easy_conn &&
+       easy->state > CURLM_STATE_CONNECT &&
+       easy->state < CURLM_STATE_DONE) {
+      /* In all these states, the code will blindly access 'easy->easy_conn'
+         so this is precaution that it isn't NULL. And it silences static
+         analyzers. */
+      failf(data, "In state %d with no easy_conn, bail out!\n", easy->state);
+      return CURLM_INTERNAL_ERROR;
+    }
+
     if(easy->easy_conn && easy->state > CURLM_STATE_CONNECT &&
        easy->state < CURLM_STATE_COMPLETED)
       /* Make sure we set the connection's current owner */