From 14bf7063b9e3e296e9f792ddeb57222c19ed6132 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Tue, 23 Jun 2015 14:07:13 +0200
Subject: [PATCH] Add SSL "assertions" to help static analyzers

scan-build was reporting NULL dereferences
---
 library/ssl_tls.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 86683299b3..8e47a969c2 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -2686,6 +2686,13 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl )
 #endif
     if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
     {
+        if( ssl->out_msg[0] != MBEDTLS_SSL_HS_HELLO_REQUEST &&
+            ssl->handshake == NULL )
+        {
+            MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+            return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+        }
+
         ssl->out_msg[1] = (unsigned char)( ( len - 4 ) >> 16 );
         ssl->out_msg[2] = (unsigned char)( ( len - 4 ) >>  8 );
         ssl->out_msg[3] = (unsigned char)( ( len - 4 )       );
@@ -3118,8 +3125,11 @@ static int ssl_prepare_handshake_record( mbedtls_ssl_context *ssl )
         return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
     }
 
-    if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
+    if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER &&
+        ssl->handshake != NULL )
+    {
         ssl->handshake->update_checksum( ssl, ssl->in_msg, ssl->in_hslen );
+    }
 
     /* Handshake message is complete, increment counter */
 #if defined(MBEDTLS_SSL_PROTO_DTLS)