AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Avoid potential NULL dereference.

Browse Source 
May happen with a faulty configuration (eg no allowed curve but trying to use
ECDHE key exchange), but not trigger able remotely.

(Found with Clang's scan-build.)
This commit is contained in:
Manuel Pégourié-Gonnard 2015-06-23 14:11:39 +02:00
parent 14bf7063b9
commit b86145e6cd
1 changed files with 1 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
library/ssl_srv.c
View File

@ -2647,7 +2647,6 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
* } ServerECDHParams;
*/
const mbedtls_ecp_curve_info **curve = NULL;
#if defined(MBEDTLS_ECP_C)
const mbedtls_ecp_group_id *gid;
/* Match our preference list against the offered curves */
@ -2657,11 +2656,7 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
goto curve_matching_done;
curve_matching_done:
#else
curve = ssl->handshake->curves;
#endif
if( *curve == NULL )
if( curve == NULL || *curve == NULL )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "no matching curve for ECDHE" ) );
return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN );