[openssl-commits] [openssl] master update
kaduk at mit.edu
kaduk at mit.edu
Sun Jul 1 23:20:51 UTC 2018
The branch master has been updated
via 5281bb2252be6575ebb7a8b683e6bd160476fa2a (commit)
from 8794be2ed8d2e044d8b0135ddb7e903e81335c94 (commit)
- Log -----------------------------------------------------------------
commit 5281bb2252be6575ebb7a8b683e6bd160476fa2a
Author: Benjamin Kaduk <kaduk at mit.edu>
Date: Sun Jul 1 12:49:24 2018 -0500
Address coverity-reported NULL dereference in SSL_SESSION_print()
We need to check the provided SSL_SESSION* for NULL before
attempting to derference it to see if it's a TLS 1.3 session.
Reviewed-by: Kurt Roeckx <kurt at roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/6622)
-----------------------------------------------------------------------
Summary of changes:
ssl/ssl_txt.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/ssl/ssl_txt.c b/ssl/ssl_txt.c
index 3856491..cf6e4c3 100644
--- a/ssl/ssl_txt.c
+++ b/ssl/ssl_txt.c
@@ -33,10 +33,11 @@ int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
{
size_t i;
const char *s;
- int istls13 = (x->ssl_version == TLS1_3_VERSION);
+ int istls13;
if (x == NULL)
goto err;
+ istls13 = (x->ssl_version == TLS1_3_VERSION);
if (BIO_puts(bp, "SSL-Session:\n") <= 0)
goto err;
s = ssl_protocol_to_string(x->ssl_version);
More information about the openssl-commits
mailing list