ssl_tls: avoid the appearance of a potential NULL dereferencing Looking at the bigger picture it is clear that if `ssl->session` is NULL, there will be a failure much earlier, and that is well protected from, however, the practice of dereferencing a pointer which has not been verified in prior for validity goes against secure coding practices. Signed-off-by: Leonid Rozenboim <leonid.rozenboim@oracle.com>

commit: e9d8dcdbf5629bc9320b85060a470f381620867e [log] [tgz]
author: Leonid Rozenboim <leonid.rozenboim@oracle.com> Mon Aug 08 15:57:48 2022 -0700
committer: Leonid Rozenboim <leonid.rozenboim@oracle.com> Tue Aug 09 12:34:30 2022 -0700
tree: caf46836d0565189618830b0847ef7d46036d40d
parent: 5740ff5f1fca526d52ec69c48242747716e81715 [diff] [blame]
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index eefd89d..f2f415e 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c

@@ -7282,7 +7282,7 @@
     const mbedtls_ssl_ciphersuite_t * const ciphersuite_info =
          mbedtls_ssl_ciphersuite_from_id( ciphersuite_id );
 
-    if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
+    if( ciphersuite_info != NULL && ciphersuite_info->mac == MBEDTLS_MD_SHA384 )
         return( tls_prf_sha384 );
 #else
     (void) ciphersuite_id;
commit	e9d8dcdbf5629bc9320b85060a470f381620867e	[log] [tgz]
author	Leonid Rozenboim <leonid.rozenboim@oracle.com>	Mon Aug 08 15:57:48 2022 -0700
committer	Leonid Rozenboim <leonid.rozenboim@oracle.com>	Tue Aug 09 12:34:30 2022 -0700
tree	caf46836d0565189618830b0847ef7d46036d40d
parent	5740ff5f1fca526d52ec69c48242747716e81715 [diff] [blame]