diff options
author | Matt Caswell <matt@openssl.org> | 2020-03-27 16:05:36 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-03-30 14:46:54 +0100 |
commit | c2146b57d296aa5b06e27cd8d76bbd040a3444b9 (patch) | |
tree | 467eb31b06bb0015134918b62ee152e56850a7a6 /ssl | |
parent | 743d9c16deee09bdd336a96170eb3e117508db1b (diff) |
Don't attempt to up-ref an EVP_CIPHER if it is NULL
EVP_CIPHERs in the ssl_cipher_methods table can be NULL if
they are not available. We shouldn't attempt to up-ref a
cipher if it is NULL.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11426)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/ssl_ciph.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 23d156a702..745afae630 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -457,7 +457,10 @@ int ssl_cipher_get_evp_cipher(SSL_CTX *ctx, const SSL_CIPHER *sslc, if (*enc == NULL) return 0; } else { - if (!ssl_evp_cipher_up_ref(ctx->ssl_cipher_methods[i])) + const EVP_CIPHER *cipher = ctx->ssl_cipher_methods[i]; + + if (cipher == NULL + || !ssl_evp_cipher_up_ref(cipher)) return 0; *enc = ctx->ssl_cipher_methods[i]; } |