mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-28 09:39:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Avoid potential NULL dereference.

Browse Source 
May happen with a faulty configuration (eg no allowed curve but trying to use
ECDHE key exchange), but not trigger able remotely.

(Found with Clang's scan-build.)
This commit is contained in:
Manuel Pégourié-Gonnard 2015-06-23 14:11:39 +02:00
parent 14bf7063b9
commit b86145e6cd
1 changed files with 1 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
library/ssl_srv.c
View File

@ -2647,7 +2647,6 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
* } ServerECDHParams; * } ServerECDHParams;
*/ */
const mbedtls_ecp_curve_info **curve = NULL; const mbedtls_ecp_curve_info **curve = NULL;
#if defined(MBEDTLS_ECP_C)
const mbedtls_ecp_group_id *gid; const mbedtls_ecp_group_id *gid;
/* Match our preference list against the offered curves */ /* Match our preference list against the offered curves */
@ -2657,11 +2656,7 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
goto curve_matching_done; goto curve_matching_done;
curve_matching_done: curve_matching_done:
#else if( curve == NULL || *curve == NULL )
curve = ssl->handshake->curves;
#endif
if( *curve == NULL )
{ {
MBEDTLS_SSL_DEBUG_MSG( 1, ( "no matching curve for ECDHE" ) ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "no matching curve for ECDHE" ) );
return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN ); return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN );