Sanity check in ssl_get_algorithm2().

RT#4600 Reviewed-by: Rich Salz <rsalz@openssl.org> (cherry picked from commit 52eede5a97) Conflicts: ssl/s3_lib.c
2016-07-19 16:03:10 +01:00 · 2016-07-19 16:03:10 +01:00 · b5c835b399
commit b5c835b399
parent 9ae9cbc0c7
1 changed files with 4 additions and 1 deletions
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@ -4528,7 +4528,10 @@ int ssl3_renegotiate_check(SSL *s)
 */
 long ssl_get_algorithm2(SSL *s)
 {
-    long alg2 = s->s3->tmp.new_cipher->algorithm2;
+    long alg2;
+    if (s->s3 == NULL || s->s3->tmp.new_cipher == NULL)
+        return -1;
+    alg2 = s->s3->tmp.new_cipher->algorithm2;
    if (s->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_SHA256_PRF
        && alg2 == (SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF))
        return SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256;