From 61cdc2a08dcd6d4805dab21483974cc82b88d6e3 Mon Sep 17 00:00:00 2001
From: Pauli <paul.dale@oracle.com>
Date: Mon, 27 Apr 2020 09:13:46 +1000
Subject: [PATCH] coverity 1462571 Dereference after null check

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11651)
---
 apps/lib/app_x509.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/apps/lib/app_x509.c b/apps/lib/app_x509.c
index 89c5960fa6..00581aabbd 100644
--- a/apps/lib/app_x509.c
+++ b/apps/lib/app_x509.c
@@ -106,12 +106,15 @@ static int do_x509_ctrl_string(int (*ctrl)(void *object, int cmd,
         cmd = EVP_PKEY_CTRL_SET1_ID; /* ... except we put it in X509 */
 #endif
     } else if (strcmp(stmp, "hexdistid") == 0) {
-        long hexid_len = 0;
-        void *hexid = OPENSSL_hexstr2buf((const char *)vtmp, &hexid_len);
-
-        OPENSSL_free(stmp);
-        stmp = vtmp = hexid;
-        vtmp_len = (size_t)hexid_len;
+        if (vtmp != NULL) {
+            void *hexid;
+            long hexid_len = 0;
+
+            hexid = OPENSSL_hexstr2buf((const char *)vtmp, &hexid_len);
+            OPENSSL_free(stmp);
+            stmp = vtmp = hexid;
+            vtmp_len = (size_t)hexid_len;
+        }
 #ifdef EVP_PKEY_CTRL_SET1_ID
         cmd = EVP_PKEY_CTRL_SET1_ID; /* ... except we put it in X509 */
 #endif
-- 
2.25.1