BUG/MINOR: mux-quic: check access on qcs stream-endpoint

Since the following commit, allocation of stream-endpoint has been
delayed. The objective is to allocate it only for QCS attached to an
upper stream object.

  commit e6064c561684d9b079e3b5725d38dc3b5c1b5cd5
  OPTIM: mux-quic: delay FE sedesc alloc to stream creation

However, some MUX functions are unsafe as qcs->sd is dereferenced
without any check on it which will result in a crash. Fix this by
testing that qcs->sd is allocated before using it.

This does not need to be backported, unless the above patch is.

src/mux_quic.c

@@ -2237,16 +2237,18 @@ int qcc_recv_stop_sending(struct qcc *qcc, uint64_t id, uint64_t err)
 		}
 	}
 
-	/* Manually set EOS if FIN already reached as futures RESET_STREAM will be ignored in this case. */
-	if (qcs_sc(qcs) && se_fl_test(qcs->sd, SE_FL_EOI)) {
-		se_fl_set(qcs->sd, SE_FL_EOS);
-		qcs_alert(qcs);
-	}
+	if (qcs->sd) {
+		/* Manually set EOS if FIN already reached as futures RESET_STREAM will be ignored in this case. */
+		if (qcs_sc(qcs) && se_fl_test(qcs->sd, SE_FL_EOI)) {
+			se_fl_set(qcs->sd, SE_FL_EOS);
+			qcs_alert(qcs);
+		}
 
-	/* If not defined yet, set abort info for the sedesc */
-	if (!qcs->sd->abort_info.info) {
-		qcs->sd->abort_info.info = (SE_ABRT_SRC_MUX_QUIC << SE_ABRT_SRC_SHIFT);
-		qcs->sd->abort_info.code = err;
+		/* If not defined yet, set abort info for the sedesc */
+		if (!qcs->sd->abort_info.info) {
+			qcs->sd->abort_info.info = (SE_ABRT_SRC_MUX_QUIC << SE_ABRT_SRC_SHIFT);
+			qcs->sd->abort_info.code = err;
+		}
 	}
 
 	/* RFC 9000 3.5. Solicited State Transitions
@@ -3075,7 +3077,7 @@ static void qcc_wait_for_hs(struct qcc *qcc)
 		node = eb64_first(&qcc->streams_by_id);
 		while (node) {
 			qcs = container_of(node, struct qcs, by_id);
-			if (se_fl_test(qcs->sd, SE_FL_WAIT_FOR_HS))
+			if (qcs_sc(qcs) && se_fl_test(qcs->sd, SE_FL_WAIT_FOR_HS))
 				qcs_notify_recv(qcs);
 			node = eb64_next(node);
 		}