From 64b2d2d77e112f1519995b54cb0806e1f2e4a9f6 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 9 Mar 2013 18:05:28 +0100 Subject: multi_runsingle: avoid NULL dereference When Curl_do() returns failure, the connection pointer could be NULL so the code path following needs to that that into account. Bug: http://curl.haxx.se/mail/lib-2013-03/0062.html Reported by: Eric Hu --- lib/multi.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/lib/multi.c b/lib/multi.c index 706df2398..825f77740 100644 --- a/lib/multi.c +++ b/lib/multi.c @@ -1202,8 +1202,9 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, } else { /* Perform the protocol's DO action */ - easy->result = Curl_do(&easy->easy_conn, - &dophase_done); + easy->result = Curl_do(&easy->easy_conn, &dophase_done); + + /* When Curl_do() returns failure, easy->easy_conn might be NULL! */ if(CURLE_OK == easy->result) { if(!dophase_done) { @@ -1292,7 +1293,8 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi, else { /* failure detected */ Curl_posttransfer(data); - Curl_done(&easy->easy_conn, easy->result, FALSE); + if(easy->easy_conn) + Curl_done(&easy->easy_conn, easy->result, FALSE); disconnect_conn = TRUE; } } -- cgit v1.2.3