From 01dedc99fc8d386fe955421ab05a1c4094c9190b Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Sat, 8 Sep 2018 22:57:36 +0200
Subject: urlapi: avoid derefencing a possible NULL pointer

Coverity CID 1439134
---
 lib/urlapi.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'lib')

diff --git a/lib/urlapi.c b/lib/urlapi.c
index 8287861f7..3183598e2 100644
--- a/lib/urlapi.c
+++ b/lib/urlapi.c
@@ -438,10 +438,10 @@ static CURLUcode parse_hostname_login(struct Curl_URL *u,
   *hostname = ++ptr;
 
   /* We could use the login information in the URL so extract it. Only parse
-     options if the handler says we should. */
+     options if the handler says we should. Note that 'h' might be NULL! */
   ccode = Curl_parse_login_details(login, ptr - login - 1,
                                    &userp, &passwdp,
-                                   h->flags & PROTOPT_URLOPTIONS ?
+                                   (h && (h->flags & PROTOPT_URLOPTIONS)) ?
                                    &optionsp:NULL);
   if(ccode) {
     result = CURLUE_MALFORMED_INPUT;
-- 
cgit v1.2.3