From fa8ca0be4ddd8e120e7c928b7972663527c183ba Mon Sep 17 00:00:00 2001 From: Willy Tarreau Date: Wed, 1 Jul 2026 14:28:18 +0200 Subject: [PATCH] BUILD: ssl: avoid a wrong null deref warning in ssl_sock_handshake When disabling traces, "conn" isn't used between ctx assignment and its first usage, and as usual, gcc wrongly believes that a null check in a shared function implies the checked argument may be NULL where it's used, leading to this warning: src/ssl_sock.c: In function 'ssl_sock_handshake.constprop': src/ssl_sock.c:6049:7: warning: null pointer dereference [-Wnull-dereference] Assigning ctx after the conn_ctrl_ready() check is sufficient to shut it up, so let's do this. It should also result in slightly better code. --- src/ssl_sock.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/ssl_sock.c b/src/ssl_sock.c index 5e5329a22..7220f400a 100644 --- a/src/ssl_sock.c +++ b/src/ssl_sock.c @@ -6037,7 +6037,7 @@ void ssl_sock_handle_hs_error(struct connection *conn) */ static int ssl_sock_handshake(struct connection *conn, unsigned int flag) { - struct ssl_sock_ctx *ctx = conn_get_ssl_sock_ctx(conn); + struct ssl_sock_ctx *ctx; int ret; struct ssl_counters *counters = NULL; struct ssl_counters *counters_px = NULL; @@ -6049,6 +6049,7 @@ static int ssl_sock_handshake(struct connection *conn, unsigned int flag) if (!conn_ctrl_ready(conn)) return 0; + ctx = conn_get_ssl_sock_ctx(conn); if (!ctx) goto out_error; -- 2.47.3