Null pointer dereference on tcp_client_input_handler_rfc6062data function #621

@ycaibb

Description

The function is in the file coturn/src/server/ns_turn_server.c.

```c
static void tcp_client_input_handler_rfc6062data(ioa_socket_handle s, int event_type, ioa_net_data *in_buffer, void *arg, int can_resume)
{
    ...;
    tcp_connection *tc = (tcp_connection*)arg;
    ts_ur_super_session *ss=NULL;    // null pointer
    allocation *a=(allocation*)tc->owner;
    if(a) {    // if a is null, skip this branch
        ss=(ts_ur_super_session*)a->owner;
    }

    ...;

    ioa_network_buffer_handle nbh = in_buffer->nbh;
    in_buffer->nbh = NULL;

    uint32_t bytes = (uint32_t)ioa_network_buffer_get_size(nbh);
    if(ss) {  // skip this branch
        ++(ss->received_packets);
        ss->received_bytes += bytes;
    }

    ...;

    if (!skip) { // ss is null and enter this branch
        ++(ss->peer_sent_packets);   // null pointer dereference happens here
        ss->peer_sent_bytes += bytes;
    }

    turn_report_session_usage(ss, 0);
}
```
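The pattern reported above, as an added example that is not part of the issue or of coturn's own code: the session pointer is derived through a chain (`tc->owner` -> `a->owner`) where either link can be NULL, and the accounting block must treat a missing session as "drop and return" rather than fall through. The struct names `session_t`, `allocation_t`, `tcp_connection_t` and the helper `account_rfc6062_data` are hypothetical stand-ins constructed for this example; the hardened version resolves the chain once and bails out before any field is touched.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical minimal stand-ins for the coturn structs in the report. */
typedef struct {
    uint64_t received_packets;
    uint64_t received_bytes;
    uint64_t peer_sent_packets;
    uint64_t peer_sent_bytes;
} session_t;

typedef struct {
    session_t *owner;        /* may be NULL while the session is torn down */
} allocation_t;

typedef struct {
    allocation_t *owner;     /* may be NULL once the connection is detached */
} tcp_connection_t;

/* Walk tc -> allocation -> session, returning NULL at the first missing link
   instead of leaving a half-resolved pointer for later code to dereference. */
static session_t *session_of(const tcp_connection_t *tc)
{
    if (!tc) return NULL;
    allocation_t *a = tc->owner;
    if (!a) return NULL;
    return a->owner;
}

/* Hardened accounting block. Returns 1 if the counters were updated, 0 if the
   packet had to be dropped because no session is attached. The original code
   guards only the received_* update and then touches ss->peer_sent_* unguarded. */
int account_rfc6062_data(tcp_connection_t *tc, uint32_t bytes, int skip)
{
    session_t *ss = session_of(tc);
    if (!ss) {
        return 0;            /* nothing to account against; do not fall through */
    }
    ++ss->received_packets;
    ss->received_bytes += bytes;
    if (!skip) {
        ++ss->peer_sent_packets;
        ss->peer_sent_bytes += bytes;
    }
    return 1;
}

/* Scenario helpers (constructed) so the outcome can be checked by return value. */
uint64_t demo_attached_session(uint32_t bytes, int skip)
{
    session_t s = {0};
    allocation_t a = { &s };
    tcp_connection_t tc = { &a };
    if (!account_rfc6062_data(&tc, bytes, skip)) return 0;
    return s.peer_sent_bytes;   /* bytes when !skip, 0 when skip */
}

int demo_detached_connection(void)
{
    tcp_connection_t tc = { NULL };             /* tc->owner == NULL */
    return account_rfc6062_data(&tc, 64, 0);
}

int demo_orphaned_allocation(void)
{
    allocation_t a = { NULL };                  /* a->owner == NULL: the case in the report */
    tcp_connection_t tc = { &a };
    return account_rfc6062_data(&tc, 64, 0);
}

int main(void)
{
    printf("attached: %llu bytes\n", (unsigned long long)demo_attached_session(100, 0));
    printf("detached: %d\n", demo_detached_connection());
    printf("orphaned allocation: %d\n", demo_orphaned_allocation());
    return 0;
}
```

The orphaned-allocation case is exactly the report's path: `a` is non-NULL but `a->owner` is NULL, so a guard that only checks `a` (or only wraps the `received_*` update) is not enough. The same early-return should also cover the trailing `turn_report_session_usage(ss, 0)` call, which in the posted excerpt is likewise reached with `ss == NULL`.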
