From c79d631acdb9f14855f26e8966b8e04e92185d92 Mon Sep 17 00:00:00 2001
From: Gordon Tetlow
Date: Tue, 21 Apr 2020 15:44:20 +0000
Subject: [PATCH] Fix OpenSSL remote denial of service.

See https://www.openssl.org/news/secadv/20200421.txt for details.

Approved by: so
Security: CVE-2020-1967
---
 crypto/openssl/ssl/t1_lib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/openssl/ssl/t1_lib.c b/crypto/openssl/ssl/t1_lib.c
index a254fd5a0559..76b4baa38893 100644
--- a/crypto/openssl/ssl/t1_lib.c
+++ b/crypto/openssl/ssl/t1_lib.c
@@ -2130,7 +2130,7 @@ static int tls1_check_sig_alg(SSL *s, X509 *x, int default_nid)
 sigalg = use_pc_sigalgs
 ? tls1_lookup_sigalg(s->s3->tmp.peer_cert_sigalgs[i])
 : s->shared_sigalgs[i];
- if (sig_nid == sigalg->sigandhash)
+ if (sigalg != NULL && sig_nid == sigalg->sigandhash)
 return 1;
 }
 return 0;
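Review bot: The added guard in `if (sigalg != NULL && sig_nid == sigalg->sigandhash)` carries no comment saying why `sigalg` can be NULL, so a later cleanup could remove it as redundant and reintroduce the crash. Judging by the ternary above it, the NULL presumably comes from the `tls1_lookup_sigalg(s->s3->tmp.peer_cert_sigalgs[i])` branch, where the value is supplied by the peer and may not match any known algorithm. A one-line comment above the check would record that, for example `/* tls1_lookup_sigalg() may return NULL for a peer-supplied value we do not recognise; skip it */`. Other callers of `tls1_lookup_sigalg` are not visible here and are worth checking for the same unchecked dereference, and a regression test covering an unrecognised entry in the peer's certificate signature algorithm list would keep the fix pinned. The body of `tls1_check_sig_alg` starts and ends outside this hunk, so the loop bounds and the origin of `use_pc_sigalgs` could not be reviewed.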