fix: null pointer dereference in create_ssl_context_from_bun_options

SSL_CTX_new() can return NULL on allocation failure, but the return
value was used without a null check, causing a segfault (at address
0x00000000) during HTTPS proxy tunnel handshake.

Add null checks after SSL_CTX_new() in both create_ssl_context_from_options
and create_ssl_context_from_bun_options, and add a corresponding error
enum value so callers get a proper error instead of a crash.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

packages/bun-usockets/src/crypto/openssl.c

@@ -761,6 +761,9 @@ SSL_CTX *
 create_ssl_context_from_options(struct us_socket_context_options_t options) {
   /* Create the context */
   SSL_CTX *ssl_context = SSL_CTX_new(TLS_method());
+  if (!ssl_context) {
+    return NULL;
+  }
 
   /* Default options we rely on - changing these will break our logic */
   SSL_CTX_set_read_ahead(ssl_context, 1);
@@ -1140,6 +1143,10 @@ SSL_CTX *create_ssl_context_from_bun_options(
 
   /* Create the context */
   SSL_CTX *ssl_context = SSL_CTX_new(TLS_method());
+  if (!ssl_context) {
+    *err = CREATE_BUN_SOCKET_ERROR_FAILED_TO_CREATE_CONTEXT;
+    return NULL;
+  }
 
   /* Default options we rely on - changing these will break our logic */
   SSL_CTX_set_read_ahead(ssl_context, 1);

packages/bun-usockets/src/libusockets.h

@@ -263,6 +263,7 @@ enum create_bun_socket_error_t {
   CREATE_BUN_SOCKET_ERROR_INVALID_CA_FILE,
   CREATE_BUN_SOCKET_ERROR_INVALID_CA,
   CREATE_BUN_SOCKET_ERROR_INVALID_CIPHERS,
+  CREATE_BUN_SOCKET_ERROR_FAILED_TO_CREATE_CONTEXT,
 };
 
 struct us_socket_context_t *us_create_bun_ssl_socket_context(struct us_loop_t *loop,

src/deps/uws.zig

@@ -70,6 +70,7 @@ pub const create_bun_socket_error_t = enum(c_int) {
     invalid_ca_file,
     invalid_ca,
     invalid_ciphers,
+    failed_to_create_context,
 
     pub fn message(this: create_bun_socket_error_t) ?[]const u8 {
         return switch (this) {
@@ -78,6 +79,7 @@ pub const create_bun_socket_error_t = enum(c_int) {
             .invalid_ca_file => "Invalid CA file",
             .invalid_ca => "Invalid CA",
             .invalid_ciphers => "Invalid ciphers",
+            .failed_to_create_context => "Failed to create SSL context",
         };
     }
 
@@ -91,6 +93,7 @@ pub const create_bun_socket_error_t = enum(c_int) {
             .invalid_ca_file => globalObject.ERR(.BORINGSSL, "Invalid CA file", .{}).toJS(),
             .invalid_ca => globalObject.ERR(.BORINGSSL, "Invalid CA", .{}).toJS(),
             .invalid_ciphers => globalObject.ERR(.BORINGSSL, "Invalid ciphers", .{}).toJS(),
+            .failed_to_create_context => globalObject.ERR(.BORINGSSL, "Failed to create SSL context", .{}).toJS(),
         };
     }
 };