diff options
| author | Christian Grothoff <christian@grothoff.org> | 2013-11-27 23:28:26 +0100 |
|---|---|---|
| committer | Steve Holme <steve_holme@hotmail.com> | 2013-11-27 23:35:34 +0000 |
| commit | 59f1209fadb6a32f7a957318d881185480580e91 (patch) | |
| tree | 1fb4ea7aee82f349b771949dfa351c3986b520ee | |
| parent | 7b9365c65f3228e1840d4abd507f03e3849817a1 (diff) | |
curl_easy_getopt: Handle API violation gracefully
This fixes a NULL dereference in the case where the client asks for
CURLINFO_TLS_SESSION data after the (TLS) session has already been
destroyed (i.e. curl_easy_perform has already completed for this
handle). Instead of crashing, we now return a CURLSSLBACKEND_NONE
error.
| -rw-r--r-- | lib/getinfo.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/getinfo.c b/lib/getinfo.c index 6a4e72e4a..cd5a62ac0 100644 --- a/lib/getinfo.c +++ b/lib/getinfo.c @@ -288,6 +288,9 @@ static CURLcode getinfo_slist(struct SessionHandle *data, CURLINFO info, tlsinfo->ssl_backend = CURLSSLBACKEND_NONE; tlsinfo->internals = NULL; + if(!conn) + break; + /* Find the active ("in use") SSL connection, if any */ while((sockindex < sizeof(conn->ssl) / sizeof(conn->ssl[0])) && (!conn->ssl[sockindex].use)) |