avoid null-pointer deref (aka CAN-2004-0079)

see http://www.openssl.org/news/secadv_20040317.txt
author: markus <markus@openbsd.org> 2004-03-17 12:28:29 +0000
committer: markus <markus@openbsd.org> 2004-03-17 12:28:29 +0000
commit: 094bf3c4db77e9979482436d4be080e43050ae10 (patch)
tree: a41d5b53e0865de982f2ba334e3fc68ad5cb062c /lib/libssl/src
parent: typo in comment (fragment->segment); ok itojun@ (diff)
download: wireguard-openbsd-094bf3c4db77e9979482436d4be080e43050ae10.tar.xz
wireguard-openbsd-094bf3c4db77e9979482436d4be080e43050ae10.zip
1 files changed, 8 insertions, 0 deletions
diff --git a/lib/libssl/src/ssl/s3_pkt.c b/lib/libssl/src/ssl/s3_pkt.c
index 3f88429e79a..9f3e5139ad9 100644
--- a/lib/libssl/src/ssl/s3_pkt.c
+++ b/lib/libssl/src/ssl/s3_pkt.c
@@ -1085,6 +1085,14 @@ start:
 			goto err;
 			}
 
+		/* Check we have a cipher to change to */
+		if (s->s3->tmp.new_cipher == NULL)
+			{
+			i=SSL_AD_UNEXPECTED_MESSAGE;
+			SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY);
+			goto err;
+			}
+
 		rr->length=0;
 
 		if (s->msg_callback)
author	markus <markus@openbsd.org>	2004-03-17 12:28:29 +0000
committer	markus <markus@openbsd.org>	2004-03-17 12:28:29 +0000
commit	094bf3c4db77e9979482436d4be080e43050ae10 (patch)
tree	a41d5b53e0865de982f2ba334e3fc68ad5cb062c /lib/libssl/src
parent	typo in comment (fragment->segment); ok itojun@ (diff)
download	wireguard-openbsd-094bf3c4db77e9979482436d4be080e43050ae10.tar.xz wireguard-openbsd-094bf3c4db77e9979482436d4be080e43050ae10.zip