From: Jouni Malinen <j@w1.fi>
Date: Sat, 9 Feb 2019 14:10:47 +0000 (+0200)
Subject: TLS client: Fix peer certificate event checking for probing
X-Git-Tag: hostap_2_8~399
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=fdd8a2f0b85bb5e2a2f23484c306df9cb2a65b69;p=thirdparty%2Fhostap.git

TLS client: Fix peer certificate event checking for probing

conn->cred might be NULL here, so check for that explicitly before
checking whether conn->cred->cert_probe is set. This fixes a potential
NULL pointer dereference when going through peer certificates with
event_cb functionality enabled.

Signed-off-by: Jouni Malinen <j@w1.fi>
---

diff --git a/src/tls/tlsv1_client_read.c b/src/tls/tlsv1_client_read.c
index e66f1a988..80874e59d 100644
--- a/src/tls/tlsv1_client_read.c
+++ b/src/tls/tlsv1_client_read.c
@@ -290,7 +290,7 @@ static void tls_peer_cert_event(struct tlsv1_client *conn, int depth,
 		return;
 
 	os_memset(&ev, 0, sizeof(ev));
-	if (conn->cred->cert_probe || conn->cert_in_cb) {
+	if ((conn->cred && conn->cred->cert_probe) || conn->cert_in_cb) {
 		cert_buf = wpabuf_alloc_copy(cert->cert_start,
 					     cert->cert_len);
 		ev.peer_cert.cert = cert_buf;