From 790c7d0adec360093187a13af16db639578f0f02 Mon Sep 17 00:00:00 2001
From: Michael Nebel <michaelnebel@github.com>
Date: Mon, 9 Dec 2024 10:11:49 +0100
Subject: [PATCH] C#: Introduce null checks in the NugetPackageRestorer.

---
 .../NugetPackageRestorer.cs                                   | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/NugetPackageRestorer.cs b/csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/NugetPackageRestorer.cs
index d0c0af6b768ba..9a366d86f6271 100644
--- a/csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/NugetPackageRestorer.cs
+++ b/csharp/extractor/Semmle.Extraction.CSharp.DependencyFetching/NugetPackageRestorer.cs
@@ -604,6 +604,10 @@ private bool IsFeedReachable(string feed, int timeoutMilliSeconds, int tryCount,
                 {
                     httpClientHandler.ServerCertificateCustomValidationCallback = (message, cert, chain, _) =>
                     {
+                        if (chain is null || cert is null)
+                        {
+                            return false;
+                        }
                         chain.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
                         chain.ChainPolicy.CustomTrustStore.Add(this.dependabotProxy.Certificate);
                         return chain.Build(cert);