Check that a secondary auth manager is set before dereferencing.

Summary: CVE-2018-6343 Reviewed By: mingtaoy Differential Revision: D12994423 fbshipit-source-id: 9229ec11da8085f1fa153595e8e5353e19d06fb7
facebook · Nov 12, 2018 · 0600ebe · 0600ebe
1 parent abdbc69
commit 0600ebe
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/proxygen/lib/http/session/HTTPSession.cpp b/proxygen/lib/http/session/HTTPSession.cpp
@@ -1349,6 +1349,10 @@ void HTTPSession::onCertificateRequest(uint16_t requestId,
   DestructorGuard dg(this);
   VLOG(4) << "CERTIFICATE_REQUEST on" << *this << ", requestId=" << requestId;
 
+  if (!secondAuthManager_) {
+    return;
+  }
+
   std::pair<uint16_t, std::unique_ptr<folly::IOBuf>> authenticator;
   auto fizzBase = getTransport()->getUnderlyingTransport<AsyncFizzBase>();
   if (fizzBase) {
@@ -1382,6 +1386,10 @@ void HTTPSession::onCertificate(uint16_t certId,
   DestructorGuard dg(this);
   VLOG(4) << "CERTIFICATE on" << *this << ", certId=" << certId;
 
+  if (!secondAuthManager_) {
+    return;
+  }
+
   bool isValid = false;
   auto fizzBase = getTransport()->getUnderlyingTransport<AsyncFizzBase>();
   if (fizzBase) {