From 981a37916fdb7b73435c6d5cdb01428b2269427d Mon Sep 17 00:00:00 2001
From: TJ Saunders <tj@castaglia.org>
Date: Sun, 9 Feb 2025 12:14:25 -0800
Subject: [PATCH] Issue #1866: Some of the fuzzing tests submitted in the
 advisory ran into existing null pointer dereferences (not buffer overflows);
 let's correct them. (#1867)

Upstream-Status: Backport [https://github.com/proftpd/proftpd/commit/981a37916fdb7b73435c6d5cdb01428b2269427d]
CVE: CVE-2024-57392
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
 modules/mod_ls.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/modules/mod_ls.c b/modules/mod_ls.c
index 45a3187bd..f7abfe540 100644
--- a/modules/mod_ls.c
+++ b/modules/mod_ls.c
@@ -349,7 +349,8 @@ static int sendline(int flags, char *fmt, ...) {
           errno != 0) {
         int xerrno = errno;
 
-        if (session.d != NULL) {
+        if (session.d != NULL &&
+	    session.d->outstrm != NULL) {
           xerrno = PR_NETIO_ERRNO(session.d->outstrm);
         }
 
@@ -1039,7 +1040,9 @@ static int outputfiles(cmd_rec *cmd) {
     return res;
   }
 
-  tail->down = NULL;
+  if (tail != NULL) {
+    tail->down = NULL;
+  }
   tail = NULL;
   colwidth = (colwidth | 7) + 1;
   if (opt_l || !opt_C) {
-- 
2.25.1