You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Since data can be NULL in here, calling failf() can be bad. Since should
also be a terribly rare error so the lack of error message for this
should be managable.
Reported-by: wxiaoguang on github
Fixes#15485
steps
Curl_failf
does:if(data->set.verbose || data->set.errorbuffer)
There is a call path to pass NULL data to it:
Curl_socketpair -> Curl_rand(NULL) -> Curl_rand_bytes(NULL) -> randit(NULL) -> Curl_ssl_random(NULL) -> mbedtls_random(NULL) -> failf(NULL)
(if anything error happens in
mbedtls_random
)curl/libcurl version
many versions including master branch
The text was updated successfully, but these errors were encountered: