From 7296fc9e7e2fd7f8661a597dd3f1cd9facc938fa Mon Sep 17 00:00:00 2001
From: Marc Hoersken <info@marc-hoersken.de>
Date: Fri, 18 Apr 2014 23:56:54 +0200
Subject: [PATCH] connect.c: fix multiple possible dereferences of null
 pointers

In case the first address in the tempaddr array is NULL,
the code would previously dereference an unchecked null pointer.
---
 lib/connect.c | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/lib/connect.c b/lib/connect.c
index 90283fe85c..b35c36c002 100644
--- a/lib/connect.c
+++ b/lib/connect.c
@@ -545,7 +545,7 @@ static CURLcode trynextip(struct connectdata *conn,
   conn->tempsock[tempindex] = CURL_SOCKET_BAD;
 
   if(sockindex == FIRSTSOCKET) {
-    Curl_addrinfo *ai;
+    Curl_addrinfo *ai = NULL;
     int family;
 
     if(conn->tempaddr[tempindex]) {
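Review bot: `int family;` directly below the patched declaration is still uninitialized, and the next hunk's `else if(conn->tempaddr[0])` adds a path where neither branch runs and nothing assigns it. On that path `ai` stays NULL, so later reads of `family` are presumably guarded by an `ai` check, but that code lies outside both hunks and cannot be confirmed from here. Initializing it alongside `ai`, e.g. `int family = AF_UNSPEC;`, keeps the both-NULL case well defined however the rest of trynextip changes. A short comment on the `else if`, such as `/* no address in either slot: nothing left to try */`, would document the new fall-through.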
@@ -553,7 +553,7 @@ static CURLcode trynextip(struct connectdata *conn,
       family = conn->tempaddr[tempindex]->ai_family;
       ai = conn->tempaddr[tempindex]->ai_next;
     }
-    else {
+    else if(conn->tempaddr[0]) {
       /* happy eyeballs - try the other protocol family */
       int firstfamily = conn->tempaddr[0]->ai_family;
 #ifdef ENABLE_IPV6
@@ -811,14 +811,16 @@ CURLcode Curl_is_connected(struct connectdata *conn,
       char ipaddress[MAX_IPADR_LEN];
       data->state.os_errno = error;
       SET_SOCKERRNO(error);
-      Curl_printable_address(conn->tempaddr[i], ipaddress, MAX_IPADR_LEN);
-      infof(data, "connect to %s port %ld failed: %s\n",
-            ipaddress, conn->port, Curl_strerror(conn, error));
+      if(conn->tempaddr[i]) {
+        Curl_printable_address(conn->tempaddr[i], ipaddress, MAX_IPADR_LEN);
+        infof(data, "connect to %s port %ld failed: %s\n",
+              ipaddress, conn->port, Curl_strerror(conn, error));
 
-      conn->timeoutms_per_addr = conn->tempaddr[i]->ai_next == NULL ?
-                                 allow : allow / 2;
+        conn->timeoutms_per_addr = conn->tempaddr[i]->ai_next == NULL ?
+                                   allow : allow / 2;
 
-      code = trynextip(conn, sockindex, i);
+        code = trynextip(conn, sockindex, i);
+      }
     }
   }
 
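Review bot: When `conn->tempaddr[i]` is NULL, the new guard skips the `trynextip(conn, sockindex, i)` call as well as the two dereferences, so `code` keeps its earlier value. The failed `conn->tempsock[i]` is then never passed to trynextip, which the first hunk shows is where the slot is reset to `CURL_SOCKET_BAD`. Whether anything else retires that socket is not visible, because Curl_is_connected continues outside the hunk. Since the patched trynextip now tolerates a NULL `tempaddr[tempindex]`, consider closing the `if` before `code = trynextip(conn, sockindex, i);` so that only the log line and the `timeoutms_per_addr` assignment are guarded. If the skip is intentional, state it with a comment such as `/* no address recorded for this slot: nothing to log or retry */`.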
-- 
GitLab