diff options
author | Gordon Tetlow <gordon@FreeBSD.org> | 2020-04-21 15:53:08 +0000 |
---|---|---|
committer | Gordon Tetlow <gordon@FreeBSD.org> | 2020-04-21 15:53:08 +0000 |
commit | 2037abc612ad18405ca6bebb8ce64a391c0c6a42 (patch) | |
tree | 755d01eb7b25ee988f454bd08c809ac8380aa758 | |
parent | b2139df42d40ad7db79949b01ad30cb74a564f9c (diff) | |
download | src-test2-2037abc612ad18405ca6bebb8ce64a391c0c6a42.tar.gz src-test2-2037abc612ad18405ca6bebb8ce64a391c0c6a42.zip |
Fix OpenSSL remote denial of service vulnerability.
Approved by: so
Security: FreeBSD-SA-20:11.openssl
Security: CVE-2020-1967
Notes
Notes:
svn path=/releng/12.1/; revision=360150
-rw-r--r-- | crypto/openssl/ssl/t1_lib.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/openssl/ssl/t1_lib.c b/crypto/openssl/ssl/t1_lib.c index b482019c4c17..5287d10a2d0a 100644 --- a/crypto/openssl/ssl/t1_lib.c +++ b/crypto/openssl/ssl/t1_lib.c @@ -2099,7 +2099,7 @@ static int tls1_check_sig_alg(SSL *s, X509 *x, int default_nid) sigalg = use_pc_sigalgs ? tls1_lookup_sigalg(s->s3->tmp.peer_cert_sigalgs[i]) : s->shared_sigalgs[i]; - if (sig_nid == sigalg->sigandhash) + if (sigalg != NULL && sig_nid == sigalg->sigandhash) return 1; } return 0; |