Better check for NULL pointer
Signed-off-by: Paul Elliott <paul.elliott@arm.com>
diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c
index 05a5767..5aa541b 100644
--- a/library/ssl_tls12_server.c
+++ b/library/ssl_tls12_server.c
@@ -3203,6 +3203,12 @@
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_SERVER_SIGNATURE_ENABLED)
if( mbedtls_ssl_ciphersuite_uses_server_signature( ciphersuite_info ) )
{
+ if( dig_signed == NULL )
+ {
+ MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
+ return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
+ }
+
size_t dig_signed_len = ssl->out_msg + ssl->out_msglen - dig_signed;
size_t hashlen = 0;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
@@ -3241,12 +3247,6 @@
*/
if( md_alg != MBEDTLS_MD_NONE )
{
- if( dig_signed == NULL )
- {
- MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
- return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
- }
-
ret = mbedtls_ssl_get_key_exchange_md_tls1_2( ssl, hash, &hashlen,
dig_signed,
dig_signed_len,