Add a missing check on s->s3->tmp.pkey

Reviewed-by: Paul Yang <yang.yang@baishancloud.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7405) (cherry picked from commit 61bef9bde09dc6099a7c59baa79898e3b003fec3)
author: Mansour Ahmadi <m.ahmadi@northeastern.edu> 2018-10-15 15:11:24 -0400
committer: Matt Caswell <matt@openssl.org> 2018-10-17 09:29:50 +0100
commit: 72a859c9755ef845c83d53986b3d48b0f1ee5430 (patch)
tree: 940cd881475e291aa6ee2d4ce1938c9c71ef2c75 /ssl
parent: 391f76f1a5869c228e75b4435656819b4dfb43a9 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 95f83c8462..ac5fd09134 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -3224,6 +3224,12 @@ static int tls_process_cke_ecdhe(SSL *s, PACKET *pkt)
                      SSL_R_LENGTH_MISMATCH);
             goto err;
         }
+        if (skey == NULL) {
+            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CKE_ECDHE,
+                     SSL_R_MISSING_TMP_ECDH_KEY);
+            goto err;
+        }
+
         ckey = EVP_PKEY_new();
         if (ckey == NULL || EVP_PKEY_copy_parameters(ckey, skey) <= 0) {
             SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CKE_ECDHE,
author	Mansour Ahmadi <m.ahmadi@northeastern.edu>	2018-10-15 15:11:24 -0400
committer	Matt Caswell <matt@openssl.org>	2018-10-17 09:29:50 +0100
commit	72a859c9755ef845c83d53986b3d48b0f1ee5430 (patch)
tree	940cd881475e291aa6ee2d4ce1938c9c71ef2c75 /ssl
parent	391f76f1a5869c228e75b4435656819b4dfb43a9 (diff)