From: Jouni Malinen <jouni.malinen@atheros.com>
Date: Wed, 13 Apr 2011 23:45:14 +0000 (+0300)
Subject: Avoid theoretical NULL pointer dereference during TLS reassemble
X-Git-Tag: hostap-1-bp~410
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=066608f3ff5f0042636b02737d15035129a65829;p=thirdparty%2Fhostap.git

Avoid theoretical NULL pointer dereference during TLS reassemble

This function does not get called with in_data == NULL in practice, but
it seems to be at least partly prepared for that case, so better make it
consistent by handling the NULL value throughout the function.
---

diff --git a/src/eap_peer/eap_tls_common.c b/src/eap_peer/eap_tls_common.c
index 7bd50f677..d1567e928 100644
--- a/src/eap_peer/eap_tls_common.c
+++ b/src/eap_peer/eap_tls_common.c
@@ -361,7 +361,8 @@ static int eap_peer_tls_reassemble_fragment(struct eap_ssl_data *data,
 		eap_peer_tls_reset_input(data);
 		return -1;
 	}
-	wpabuf_put_buf(data->tls_in, in_data);
+	if (in_data)
+		wpabuf_put_buf(data->tls_in, in_data);
 	data->tls_in_left -= in_len;
 
 	if (data->tls_in_left > 0) {