curl_easy_getopt: Handle API violation gracefully

This fixes a NULL dereference in the case where the client asks for
CURLINFO_TLS_SESSION data after the (TLS) session has already been
destroyed (i.e. curl_easy_perform has already completed for this
handle). Instead of crashing, we now return a CURLSSLBACKEND_NONE
error.

diff --git a/lib/getinfo.c b/lib/getinfo.c
index 6a4e72e..cd5a62a 100644 (file)
--- a/lib/getinfo.c
+++ b/lib/getinfo.c
@@ -288,6 +288,9 @@ static CURLcode getinfo_slist(struct SessionHandle *data, CURLINFO info,
       tlsinfo->ssl_backend = CURLSSLBACKEND_NONE;
       tlsinfo->internals = NULL;
 
+      if(!conn)
+        break;
+
       /* Find the active ("in use") SSL connection, if any */
       while((sockindex < sizeof(conn->ssl) / sizeof(conn->ssl[0])) &&
             (!conn->ssl[sockindex].use))