Fix null pointer dereference in set_ssl_ctx#1727
Fix null pointer dereference in set_ssl_ctx#1727moon044 wants to merge 2 commits intocoturn:masterfrom
Conversation
|
Thank you @moon044 It would be great though to test turnserver under memory stress - there are probably other places in code where memory allocation is protected but the logic farther does not handle it properly |
|
Thanks for the review and thoughtful feedback, @eakraly ! You're absolutely right — this is during startup so the real-world impact is probably minimal. I ran infer on the codebase and found this plus another similar NULL dereference issue in I understand these are minor defensive improvements rather than critical fixes. Should I include the second finding in this PR as well, or handle them separately? Thanks again! |
|
@moon044 you can include it in this one. Thanks! |
What this fixes
Hi,
This PR addresses a potential NULL pointer dereference in
src/apps/relay/netengine.c.In the function
set_ssl_ctx(),malloc()may returnNULLunder low-memory conditions, but this was not checked.As a result, the server could crash by dereferencing a
NULLpointer.Why this is important
If the system runs out of memory and
malloc()fails, dereferencing the result causes a crash, leading to a denial of service.This kind of failure is critical in production TURN deployments where uptime and availability are essential.
What this PR does
Adds a straightforward
NULLcheck aftermalloc()and logs an error if allocation fails.The function's logic remains unchanged — this is a minimal, defensive improvement for stability without any functional side effects.
Thanks for your consideration. I look forward to your feedback.