Commit 59f1209f authored by Christian Grothoff's avatar Christian Grothoff Committed by Steve Holme
Browse files

curl_easy_getopt: Handle API violation gracefully 

This fixes a NULL dereference in the case where the client asks for
CURLINFO_TLS_SESSION data after the (TLS) session has already been
destroyed (i.e. curl_easy_perform has already completed for this
handle). Instead of crashing, we now return a CURLSSLBACKEND_NONE
error.
parent 7b9365c6

lib/getinfo.c

+3 −0
Original line number Diff line number Diff line
@@ -288,6 +288,9 @@ static CURLcode getinfo_slist(struct SessionHandle *data, CURLINFO info, 
      tlsinfo->ssl_backend = CURLSSLBACKEND_NONE;

      tlsinfo->internals = NULL;



      if(!conn)

        break;



      /* Find the active ("in use") SSL connection, if any */

      while((sockindex < sizeof(conn->ssl) / sizeof(conn->ssl[0])) &&

            (!conn->ssl[sockindex].use))