aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGordon Tetlow <gordon@FreeBSD.org>2020-04-21 15:53:08 +0000
committerGordon Tetlow <gordon@FreeBSD.org>2020-04-21 15:53:08 +0000
commit2037abc612ad18405ca6bebb8ce64a391c0c6a42 (patch)
tree755d01eb7b25ee988f454bd08c809ac8380aa758
parentb2139df42d40ad7db79949b01ad30cb74a564f9c (diff)
downloadsrc-2037abc612ad18405ca6bebb8ce64a391c0c6a42.tar.gz
src-2037abc612ad18405ca6bebb8ce64a391c0c6a42.zip
Fix OpenSSL remote denial of service vulnerability.
Approved by: so Security: FreeBSD-SA-20:11.openssl Security: CVE-2020-1967
Notes
Notes: svn path=/releng/12.1/; revision=360150
-rw-r--r--crypto/openssl/ssl/t1_lib.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/openssl/ssl/t1_lib.c b/crypto/openssl/ssl/t1_lib.c
index b482019c4c17..5287d10a2d0a 100644
--- a/crypto/openssl/ssl/t1_lib.c
+++ b/crypto/openssl/ssl/t1_lib.c
@@ -2099,7 +2099,7 @@ static int tls1_check_sig_alg(SSL *s, X509 *x, int default_nid)
sigalg = use_pc_sigalgs
? tls1_lookup_sigalg(s->s3->tmp.peer_cert_sigalgs[i])
: s->shared_sigalgs[i];
- if (sig_nid == sigalg->sigandhash)
+ if (sigalg != NULL && sig_nid == sigalg->sigandhash)
return 1;
}
return 0;