From: Matt Caswell Date: Tue, 17 Apr 2018 10:32:20 +0000 (+0100) Subject: Check the return from EVP_PKEY_get0_DH() X-Git-Tag: OpenSSL_1_1_1-pre6~101 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=a68236572850a1f50d5c40990b5a15a18ebea3bc;p=oweals%2Fopenssl.git Check the return from EVP_PKEY_get0_DH() Fixes #5934 Reviewed-by: Rich Salz (Merged from https://github.com/openssl/openssl/pull/5983) --- diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 7e033ceb16..aa38fada70 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -2481,6 +2481,12 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt) } dh = EVP_PKEY_get0_DH(s->s3->tmp.pkey); + if (dh == NULL) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, + SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, + ERR_R_INTERNAL_ERROR); + goto err; + } EVP_PKEY_free(pkdh); pkdh = NULL;