H2: fix crash issue

author Seonah Moon <seonah1.moon@samsung.com>

Wed, 18 Oct 2023 13:04:22 +0000 (22:04 +0900)

committer Seonah Moon <seonah1.moon@samsung.com>

Wed, 18 Oct 2023 13:06:04 +0000 (22:06 +0900)
author Seonah Moon <seonah1.moon@samsung.com>
Wed, 18 Oct 2023 13:04:22 +0000 (22:04 +0900)
committer Seonah Moon <seonah1.moon@samsung.com>
Wed, 18 Oct 2023 13:06:04 +0000 (22:06 +0900)
diff --git a/lib/http2.c b/lib/http2.c

index 925d9828b2d01c9721bc14626b2f0c01e17048d4..06cc1bda4c6cb642551afb8e4ceb3623d51b5cae 100644 (file)
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -1585,6 +1585,17 @@ static ssize_t http2_recv(struct connectdata *conn, int sockindex,
      return -1;
    }
  
+  if(!stream) {
+    /* Abnormal call sequence: either this transfer has never opened a stream
+     * (unlikely) or the transfer has been done, cleaned up its resources, but
+     * a read() is called anyway. It is not clear what the calling sequence
+     * is for such a case. */
+    failf(data, "http2_recv: http/2 recv on a transfer never opened "
+          "or already cleared\n");
+    *err = CURLE_HTTP2;
+    return -1;
+  }
+
    /* Nullify here because we call nghttp2_session_send() and they
       might refer to the old buffer. */
    stream->upload_mem = NULL;
author	Seonah Moon <seonah1.moon@samsung.com>
	Wed, 18 Oct 2023 13:04:22 +0000 (22:04 +0900)
committer	Seonah Moon <seonah1.moon@samsung.com>
	Wed, 18 Oct 2023 13:06:04 +0000 (22:06 +0900)