Prevent a null pointer dereference in nse_nsock_get_ssl.

This could be provoked by a script calling nmap.get_ssl_certificate on an unconnected socket.
2025-12-15 20:29:03 +00:00 · 2012-05-28 17:44:10 +00:00
parent fc49819007
commit 091d848838
1 changed files with 1 additions and 1 deletions
--- a/nse_nsock.cc
+++ b/nse_nsock.cc
@@ -709,7 +709,7 @@ SSL *nse_nsock_get_ssl (lua_State *L)
 {
  nse_nsock_udata *nu = check_nsock_udata(L, 1, 0);

-  if (!nsi_checkssl(nu->nsiod))
+  if (nu->nsiod == NULL || !nsi_checkssl(nu->nsiod))
    luaL_argerror(L, 1, "not a SSL socket");

  return (SSL *) nsi_getssl(nu->nsiod);