From f01df1979812a1870b54ec676688137f61ab36c0 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 11 Apr 2011 13:17:55 +0200 Subject: [PATCH] checkconnection: don't call with NULL pointer When checking if an existing RTSP connection is alive or not, the checkconnection function might be called with a SessionHandle pointer being NULL and then referenced causing a crash. This happened only using the multi interface. Reported by: Tinus van den Berg Bug: http://curl.haxx.se/bug/view.cgi?id=3280739 --- lib/connect.c | 3 +++ lib/rtsp.c | 8 ++++---- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/lib/connect.c b/lib/connect.c index 261b2150e..3cde1805e 100644 --- a/lib/connect.c +++ b/lib/connect.c @@ -1122,6 +1122,9 @@ curl_socket_t Curl_getconnectinfo(struct SessionHandle *data, struct connectdata **connp) { curl_socket_t sockfd; + + DEBUGASSERT(data); + if((data->state.lastconnect != -1) && (data->state.connc->connects[data->state.lastconnect] != NULL)) { struct connectdata *c = diff --git a/lib/rtsp.c b/lib/rtsp.c index 52cf5efc7..56998c16e 100644 --- a/lib/rtsp.c +++ b/lib/rtsp.c @@ -124,10 +124,10 @@ bool Curl_rtsp_connisdead(struct connectdata *check) /* socket is in an error state */ ret_val = TRUE; } - else if (sval & CURL_CSELECT_IN) { - /* readable with no error. could be closed or could be alive */ - curl_socket_t connectinfo = - Curl_getconnectinfo(check->data, &check); + else if ((sval & CURL_CSELECT_IN) && check->data) { + /* readable with no error. could be closed or could be alive but we can + only check if we have a proper SessionHandle for the connection */ + curl_socket_t connectinfo = Curl_getconnectinfo(check->data, &check); if(connectinfo != CURL_SOCKET_BAD) ret_val = FALSE; }