From 3adfae37630e1c1c7d4163b1edf7a8786901f416 Mon Sep 17 00:00:00 2001
From: Susan Hinrichs <shinrich@verizonmedia.com>
Date: Fri, 25 Jun 2021 18:28:05 +0000
Subject: [PATCH 1/2] Add null checks for http_load

---
 tools/http_load/http_load.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/tools/http_load/http_load.c b/tools/http_load/http_load.c
index 8d89962b592..f77371a72d9 100644
--- a/tools/http_load/http_load.c
+++ b/tools/http_load/http_load.c
@@ -1164,6 +1164,12 @@ handle_connect(int cnum, struct timeval *nowP, int double_check)
       SSL_load_error_strings();
       SSL_library_init();
       ssl_ctx = SSL_CTX_new(SSLv23_client_method());
+      if (ssl_ctx == NULL) {
+        (void)fprintf(stderr, "%s: failed to create SSL_CTX\n", argv0);
+        ERR_print_errors_fp(stderr);
+        return;
+      }
+
       /* For some reason this does not seem to work, but indications are that it should...
          Maybe something with how we create connections? TODO: Fix it... */
       SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_NONE, cert_verify_callback);
@@ -1187,6 +1193,10 @@ handle_connect(int cnum, struct timeval *nowP, int double_check)
     if (flags != -1)
       (void)fcntl(connections[cnum].conn_fd, F_SETFL, flags & ~(int)O_NDELAY);
     connections[cnum].ssl = SSL_new(ssl_ctx);
+    if (connections[cnum].ssl == NULL) {
+      (void)fprintf(stderr, "%s: failed to create SSL\n", argv0);
+      ERR_print_errors_fp(stderr);
+    }
     SSL_set_fd(connections[cnum].ssl, connections[cnum].conn_fd);
     r = SSL_connect(connections[cnum].ssl);
     if (r <= 0) {

From 638d590d02f5fa2660c02fd76583f2389bb0e711 Mon Sep 17 00:00:00 2001
From: Susan Hinrichs <shinrich@verizonmedia.com>
Date: Fri, 25 Jun 2021 18:38:00 +0000
Subject: [PATCH 2/2] Actually close up and return in the error case

---
 tools/http_load/http_load.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/tools/http_load/http_load.c b/tools/http_load/http_load.c
index f77371a72d9..5547f96819e 100644
--- a/tools/http_load/http_load.c
+++ b/tools/http_load/http_load.c
@@ -1196,6 +1196,8 @@ handle_connect(int cnum, struct timeval *nowP, int double_check)
     if (connections[cnum].ssl == NULL) {
       (void)fprintf(stderr, "%s: failed to create SSL\n", argv0);
       ERR_print_errors_fp(stderr);
+      close_connection(cnum);
+      return;
     }
     SSL_set_fd(connections[cnum].ssl, connections[cnum].conn_fd);
     r = SSL_connect(connections[cnum].ssl);
@@ -2812,7 +2814,7 @@ close_connection(int cnum)
     ev.data.u32 = cnum;
     if (epoll_ctl(epfd, EPOLL_CTL_DEL, connections[cnum].conn_fd, &ev) < 0)
       perror("epoll delete fd");
-    if (urls[connections[cnum].url_num].protocol == PROTO_HTTPS)
+    if (urls[connections[cnum].url_num].protocol == PROTO_HTTPS && connections[cnum].ssl != NULL)
       SSL_free(connections[cnum].ssl);
     (void)close(connections[cnum].conn_fd);
   } else {