Fix OpenSSL remote denial of service.

See https://www.openssl.org/news/secadv/20200421.txt for details.

Approved by:	so
Security:	CVE-2020-1967
This commit is contained in:
Gordon Tetlow 2020-04-21 15:44:20 +00:00
parent d499502db7
commit c79d631acd

View File

@ -2130,7 +2130,7 @@ static int tls1_check_sig_alg(SSL *s, X509 *x, int default_nid)
sigalg = use_pc_sigalgs sigalg = use_pc_sigalgs
? tls1_lookup_sigalg(s->s3->tmp.peer_cert_sigalgs[i]) ? tls1_lookup_sigalg(s->s3->tmp.peer_cert_sigalgs[i])
: s->shared_sigalgs[i]; : s->shared_sigalgs[i];
if (sig_nid == sigalg->sigandhash) if (sigalg != NULL && sig_nid == sigalg->sigandhash)
return 1; return 1;
} }
return 0; return 0;