Address coverity-reported NULL dereference in SSL_SESSION_print()
We need to check the provided SSL_SESSION* for NULL before attempting to derference it to see if it's a TLS 1.3 session. Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/6622)
This commit is contained in:
Benjamin Kaduk
parent
8794be2ed8
commit
5281bb2252
1 changed files with 2 additions and 1 deletions
|
|
@ -33,10 +33,11 @@ int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x)
|
|||
{
|
||||
size_t i;
|
||||
const char *s;
|
||||
int istls13 = (x->ssl_version == TLS1_3_VERSION);
|
||||
int istls13;
|
||||
|
||||
if (x == NULL)
|
||||
goto err;
|
||||
istls13 = (x->ssl_version == TLS1_3_VERSION);
|
||||
if (BIO_puts(bp, "SSL-Session:\n") <= 0)
|
||||
goto err;
|
||||
s = ssl_protocol_to_string(x->ssl_version);
|
||||
|
|
|
|||
Loading…
Reference in a new issue