From a5911f76d02b0de6fbc20b4c943ee33f54b432af Mon Sep 17 00:00:00 2001
From: Simon Tatham <anakin@pobox.com>
Date: Tue, 29 Jan 2019 20:31:47 +0000
Subject: [PATCH] Fix null dereference in ssh_unthrottle.

The backend_unthrottle function gets called when the backlog on stdout
clears, and it's possible for that to happen _after_ the SSH backend
has terminated the connection and freed all its protocol modules (e.g.
if a protocol error occurred on the network while data was still
waiting to be written to stdout). So ssh_unthrottle should check that
ssh->cl still exists before calling any method of it.
---
 ssh.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/ssh.c b/ssh.c
index ad4f9506..4d1737f0 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1013,7 +1013,8 @@ static void ssh_unthrottle(Backend *be, int bufsize)
 {
     Ssh *ssh = container_of(be, Ssh, backend);
 
-    ssh_stdout_unthrottle(ssh->cl, bufsize);
+    if (ssh->cl)
+        ssh_stdout_unthrottle(ssh->cl, bufsize);
 }
 
 static bool ssh_connected(Backend *be)