From da6fbb12a6598a7c9e9e54d66e1454973ffc888e Mon Sep 17 00:00:00 2001
From: Viktor Szakats <commit@vsz.me>
Date: Sun, 1 Mar 2026 04:46:39 +0100
Subject: [PATCH] http1: fix potential NULL dereference in
 `Curl_h1_req_parse_read()`

Reported by clang-tidy v22 with `clang-analyzer-*` explicitly enabled:

```
lib/http1.c:89:31: error: Subtraction of a non-null pointer
 (from variable 'line_end') and a null pointer (via field 'line')
 results in undefined behavior [clang-analyzer-core.NullPointerArithm]
   89 |   parser->line_len = line_end - parser->line + 1;
      |                               ^
```
Ref: https://github.com/curl/curl/actions/runs/22534731241/job/65279952830?pr=20778#step:11:85

Ref: #20778

Closes #20779
---
 lib/http1.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lib/http1.c b/lib/http1.c
index 9e584248be..60ad32ce89 100644
--- a/lib/http1.c
+++ b/lib/http1.c
@@ -269,6 +269,11 @@ CURLcode Curl_h1_req_parse_read(struct h1_req_parser *parser,
   size_t nread;
 
   *pnread = 0;
+
+  DEBUGASSERT(buf);
+  if(!buf)
+    return CURLE_BAD_FUNCTION_ARGUMENT;
+
   while(!parser->done) {
     result = next_line(parser, buf, buflen, options, &nread);
     if(result) {