From 688d97e9eda5777531428640e272246760ecc909 Mon Sep 17 00:00:00 2001
From: Yi LIU <yi@quantstamp.com>
Date: Wed, 25 Feb 2026 23:02:38 +0800
Subject: [PATCH] Add NULL check in ns_lookup_list_search for DNS resolution

When no DNS allowlist is configured via --allow-resolve,
wasi_ctx->ns_lookup_list is NULL. This NULL pointer gets passed
to ns_lookup_list_search which dereferences it unconditionally
at the while (*list) loop, causing a crash. A guest WASM module
can trigger this by calling sock_addr_resolve.
---
 .../libc-wasi/sandboxed-system-primitives/src/posix.c          | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/core/iwasm/libraries/libc-wasi/sandboxed-system-primitives/src/posix.c b/core/iwasm/libraries/libc-wasi/sandboxed-system-primitives/src/posix.c
index 4987a9d833..17e9f59700 100644
--- a/core/iwasm/libraries/libc-wasi/sandboxed-system-primitives/src/posix.c
+++ b/core/iwasm/libraries/libc-wasi/sandboxed-system-primitives/src/posix.c
@@ -74,6 +74,9 @@ ns_lookup_list_search(char **list, const char *host)
 {
     size_t host_len = strlen(host), suffix_len;
 
+    if (!list)
+        return false;
+
     while (*list) {
         if (*list[0] == '*') {
             suffix_len = strlen(*list) - 1;