From: Mansour Ahmadi <m.ahmadi@northeastern.edu>
Date: Mon, 15 Oct 2018 19:11:24 +0000 (-0400)
Subject: Add a missing check on s->s3->tmp.pkey
X-Git-Tag: openssl-3.0.0-alpha1~3043
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=61bef9bde09dc6099a7c59baa79898e3b003fec3;p=oweals%2Fopenssl.git

Add a missing check on s->s3->tmp.pkey

Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7405)
---

diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 95f83c8462..ac5fd09134 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -3224,6 +3224,12 @@ static int tls_process_cke_ecdhe(SSL *s, PACKET *pkt)
                      SSL_R_LENGTH_MISMATCH);
             goto err;
         }
+        if (skey == NULL) {
+            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CKE_ECDHE,
+                     SSL_R_MISSING_TMP_ECDH_KEY);
+            goto err;
+        }
+
         ckey = EVP_PKEY_new();
         if (ckey == NULL || EVP_PKEY_copy_parameters(ckey, skey) <= 0) {
             SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CKE_ECDHE,