From: Eytan Lifshitz <eytan.lifshitz@intel.com>
Date: Mon, 10 Feb 2014 10:55:08 +0000 (+0200)
Subject: wpa_supplicant: Fix NULL dereference in tls_verify_cb()
X-Git-Tag: hostap_2_2~867
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=97efe70b60755a87cfe14d9475c4e90b4acb9145;p=thirdparty%2Fhostap.git

wpa_supplicant: Fix NULL dereference in tls_verify_cb()

In function tls_verify_cb(), X509_STORE_CTX_get_current_cert() may
return NULL, and it will be dereferenced by X509_get_subject_name().

Signed-hostap: Eytan Lifshitz <eytan.lifshitz@intel.com>
---

diff --git a/src/crypto/tls_openssl.c b/src/crypto/tls_openssl.c
index d025ae0a8..a13fa3852 100644
--- a/src/crypto/tls_openssl.c
+++ b/src/crypto/tls_openssl.c
@@ -1368,6 +1368,9 @@ static int tls_verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx)
 	const char *err_str;
 
 	err_cert = X509_STORE_CTX_get_current_cert(x509_ctx);
+	if (!err_cert)
+		return 0;
+
 	err = X509_STORE_CTX_get_error(x509_ctx);
 	depth = X509_STORE_CTX_get_error_depth(x509_ctx);
 	ssl = X509_STORE_CTX_get_ex_data(x509_ctx,