From 2edb4b50aca9585b347d9f18fc5f87907139072b Mon Sep 17 00:00:00 2001
From: Jakub Jelen
Date: Tue, 15 Feb 2022 11:34:55 +0100
Subject: [PATCH] config: Avoid NULL dereference if no ssh dir is set
This should never happen while parsing configuration files, but the configuration strings do not have this safeguard.
Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44619
Signed-off-by: Jakub Jelen
Reviewed-by: Anderson Toshiyuki Sasaki
---
 src/config.c | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/src/config.c b/src/config.c
index 2496cb5c..2ea988a5 100644
--- a/src/config.c
+++ b/src/config.c
@@ -553,6 +553,10 @@ ssh_config_make_absolute(ssh_session session,
 }
 /* Parsing user config relative to home directory (generally ~/.ssh) */
+ if (session->opts.sshdir == NULL) {
+ ssh_set_error_invalid(session);
+ return NULL;
+ }
 outlen = strlen(path) + strlen(session->opts.sshdir) + 1 + 1;
 out = malloc(outlen);
 if (out == NULL) {
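Review bot: The new `session->opts.sshdir == NULL` guard has no comment saying when this can happen, and it separates the existing "Parsing user config relative to home directory" comment from the `outlen` computation that comment describes. Going by the commit message, the case arises when configuration is parsed from a string rather than a file, so I would move the existing comment below the guard and put something like `/* sshdir may be unset when the config comes from a string; a relative path cannot be resolved then */` above the check. The diffstat shows only src/config.c changed, so the fuzzer-found case has no regression test here. A unit test that parses a config string containing a relative path with no ssh dir set, and expects a clean failure, would keep the guard from being dropped later. The body of ssh_config_make_absolute() starts and ends outside the hunk, so whether every caller handles the new NULL return, and whether `path` itself is checked before `strlen(path)`, cannot be confirmed from here.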