Fix OpenSSL remote denial of service.

See https://www.openssl.org/news/secadv/20200421.txt for details. Approved by: so Security: CVE-2020-1967
svn path=/head/; revision=360146
2020-04-21 15:44:20 +00:00 · 2020-04-21 15:44:20 +00:00 · c79d631acd · 2020-12-20 02:59:44 +00:00
commit c79d631acd
parent d499502db7
1 changed files with 1 additions and 1 deletions
--- a/crypto/openssl/ssl/t1_lib.c
+++ b/crypto/openssl/ssl/t1_lib.c
@ -2130,7 +2130,7 @@ static int tls1_check_sig_alg(SSL *s, X509 *x, int default_nid)
        sigalg = use_pc_sigalgs
                 ? tls1_lookup_sigalg(s->s3->tmp.peer_cert_sigalgs[i])
                 : s->shared_sigalgs[i];
-        if (sig_nid == sigalg->sigandhash)
+        if (sigalg != NULL && sig_nid == sigalg->sigandhash)
            return 1;
    }
    return 0;