Fix OpenSSL remote denial of service vulnerability.

Approved by: so Security: FreeBSD-SA-20:11.openssl Security: CVE-2020-1967
author: Gordon Tetlow <gordon@FreeBSD.org> 2020-04-21 15:53:08 +0000
committer: Gordon Tetlow <gordon@FreeBSD.org> 2020-04-21 15:53:08 +0000
commit: 2037abc612ad18405ca6bebb8ce64a391c0c6a42 (patch)
tree: 755d01eb7b25ee988f454bd08c809ac8380aa758
parent: b2139df42d40ad7db79949b01ad30cb74a564f9c (diff)
download: src-test2-2037abc612ad18405ca6bebb8ce64a391c0c6a42.tar.gz
src-test2-2037abc612ad18405ca6bebb8ce64a391c0c6a42.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/openssl/ssl/t1_lib.c b/crypto/openssl/ssl/t1_lib.c
index b482019c4c17..5287d10a2d0a 100644
--- a/crypto/openssl/ssl/t1_lib.c
+++ b/crypto/openssl/ssl/t1_lib.c
@@ -2099,7 +2099,7 @@ static int tls1_check_sig_alg(SSL *s, X509 *x, int default_nid)
         sigalg = use_pc_sigalgs
                  ? tls1_lookup_sigalg(s->s3->tmp.peer_cert_sigalgs[i])
                  : s->shared_sigalgs[i];
-        if (sig_nid == sigalg->sigandhash)
+        if (sigalg != NULL && sig_nid == sigalg->sigandhash)
             return 1;
     }
     return 0;
author	Gordon Tetlow <gordon@FreeBSD.org>	2020-04-21 15:53:08 +0000
committer	Gordon Tetlow <gordon@FreeBSD.org>	2020-04-21 15:53:08 +0000
commit	2037abc612ad18405ca6bebb8ce64a391c0c6a42 (patch)
tree	755d01eb7b25ee988f454bd08c809ac8380aa758
parent	b2139df42d40ad7db79949b01ad30cb74a564f9c (diff)
download	src-test2-2037abc612ad18405ca6bebb8ce64a391c0c6a42.tar.gz src-test2-2037abc612ad18405ca6bebb8ce64a391c0c6a42.zip