svn commit: r360150 - releng/12.1/crypto/openssl/ssl

Tue Apr 21 15:53:08 UTC 2020

Author: gordon
Date: Tue Apr 21 15:53:08 2020
New Revision: 360150
URL: https://svnweb.freebsd.org/changeset/base/360150

Log:
  Fix OpenSSL remote denial of service vulnerability.
  
  Approved by:	so
  Security:	FreeBSD-SA-20:11.openssl
  Security:	CVE-2020-1967

Modified:
  releng/12.1/crypto/openssl/ssl/t1_lib.c

Modified: releng/12.1/crypto/openssl/ssl/t1_lib.c
==============================================================================

--- releng/12.1/crypto/openssl/ssl/t1_lib.c	Tue Apr 21 15:52:22 2020	(r360149)
+++ releng/12.1/crypto/openssl/ssl/t1_lib.c	Tue Apr 21 15:53:08 2020	(r360150)
@@ -2099,7 +2099,7 @@ static int tls1_check_sig_alg(SSL *s, X509 *x, int def
         sigalg = use_pc_sigalgs
                  ? tls1_lookup_sigalg(s->s3->tmp.peer_cert_sigalgs[i])
                  : s->shared_sigalgs[i];
-        if (sig_nid == sigalg->sigandhash)
+        if (sigalg != NULL && sig_nid == sigalg->sigandhash)
             return 1;
     }
     return 0;
