From 5999d20ea8ed1c69e89b201fa70a5964ff11665e Mon Sep 17 00:00:00 2001
From: Shane Lontis
Date: Mon, 6 Jul 2020 16:13:48 +1000
Subject: Fix CID 1463883 Dereference after null check (in ess_find_cert_v2())
Reviewed-by: Dmitry Belyavskiy
(Merged from https://github.com/openssl/openssl/pull/12379)
---
 crypto/ess/ess_lib.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
(limited to 'crypto/ess')
diff --git a/crypto/ess/ess_lib.c b/crypto/ess/ess_lib.c
index 17f9db98ff..3f418235ad 100644
--- a/crypto/ess/ess_lib.c
+++ b/crypto/ess/ess_lib.c
@@ -339,7 +339,9 @@ int ess_find_cert_v2(const STACK_OF(ESS_CERT_ID_V2) *cert_ids, const X509 *cert)
 const ESS_CERT_ID_V2 *cid = sk_ESS_CERT_ID_V2_value(cert_ids, i);
 const EVP_MD *md;
- if (cid != NULL && cid->hash_alg != NULL)
+ if (cid == NULL)
+ return -1;
+ if (cid->hash_alg != NULL)
 md = EVP_get_digestbyobj(cid->hash_alg->algorithm);
 else
 md = EVP_sha256();
-- cgit v1.2.3
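Review bot: The result of `EVP_get_digestbyobj(cid->hash_alg->algorithm)` is not checked in the visible lines, so `md` can still be NULL after the new `cid == NULL` guard when the OID in `hash_alg` does not map to a digest the library knows. The ESS cert IDs presumably come from a parsed message, so that OID should be treated as attacker-chosen. The use of `md` lies below the hunk and cannot be confirmed from here; if it does not tolerate NULL, add `if (md == NULL) return -1;` right after the if/else so an unknown algorithm fails closed. The new early `return -1` also ends the whole search on one NULL stack entry rather than skipping it, which deserves a one-line comment stating that this is intended. The enclosing loop and the rest of ess_find_cert_v2() start and end outside the hunk.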