From 153d4a89d0451ae896c9922ce2490b4ab8ddc8bf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20L=C3=A9caille?=
Date: Wed, 6 Jan 2021 12:12:39 +0100
Subject: [PATCH] BUG/MINOR: quic: NULL pointer dereferences when building post handshake frames. The second one was detected by cppcheck contrary to the first one. Fixes issue #1032. Thank you to Ilya for having reported this.
---
 src/xprt_quic.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/xprt_quic.c b/src/xprt_quic.c
index c20d877c3..7232c6575 100644
--- a/src/xprt_quic.c
+++ b/src/xprt_quic.c
@@ -1871,6 +1871,9 @@ static int quic_build_post_handshake_frames(struct quic_conn *conn)
 /* Only servers must send a HANDSHAKE_DONE frame. */
 if (!objt_server(conn->conn->target)) {
 frm = pool_alloc(pool_head_quic_frame);
+ if (!frm)
+ return 0;
+
 frm->type = QUIC_FT_HANDSHAKE_DONE;
 LIST_ADDQ(&conn->tx.frms_to_send, &frm->list);
 }
@@ -1879,7 +1882,6 @@ static int quic_build_post_handshake_frames(struct quic_conn *conn)
 struct quic_connection_id *cid;
 frm = pool_alloc(pool_head_quic_frame);
- memset(frm, 0, sizeof *frm);
 cid = new_quic_cid(&conn->cids, i);
 if (!frm || !cid) goto err;
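Review bot: The added `if (!frm) return 0;` in the HANDSHAKE_DONE branch exits through a bare return, while the allocation failure in the second hunk uses `goto err`, so the function now has two different failure exits. Nothing appears to have been queued on `conn->tx.frms_to_send` at that point, so the shortcut looks harmless. A short comment such as `/* nothing queued yet, no cleanup needed */`, or `goto err` there, would stop that assumption from silently breaking if work is later added above it. The function body starts and ends outside the hunk, so what the `err` label releases cannot be confirmed from here.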
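Review bot: Dropping `memset(frm, 0, sizeof *frm);` removes the NULL dereference but also the zeroing, so the frame presumably holds whatever the pool last stored there until each field is assigned. If any field is still unassigned when the frame is queued and later serialized, stale pool memory could be sent to the peer. Moving the call below the check, as `memset(frm, 0, sizeof *frm);` right after `if (!frm || !cid) goto err;`, keeps the old guarantee. The same check jumps to `err` when only one of the two allocations failed, so the `err` path, which lies outside this hunk, should be confirmed to release a `frm` that was allocated but never added to the list.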