On Wed, Jun 19, 2024 at 03:41:06PM +0200, Yann Ylavic wrote: > Done in PR 454, will update STATUS too.
In the path where keep_addr_alive and keep_conn_alive are both false, conn_cleanup(conn) is run, which sets conn->address = NULL, and then running proxy_address_cleanup() leads to a NULL pointer deference in the following apr_pool_cleanup_run() invocation. https://github.com/apache/httpd/blob/6990550415e0801c8e73fa961036888ba1907fc1/modules/proxy/proxy_util.c#L3063 I can fix it like this, but not sure if it's right: static apr_status_t proxy_address_cleanup(void *address) { - proxy_address_dec(address); + if (address) proxy_address_dec(address); return APR_SUCCESS; }
