From: Graham Leggett <minfrin@sharp.fm>
Date: Wed, 2 Apr 2025 11:08:11 +0000 (+0100)
Subject: ssl/ssl_lib.c: Avoid crash when SSL_CONNECTION is NULL
X-Git-Tag: openssl-3.4.2~110
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d2f2eafa7f1d82ceda7b1c324f4c51a25a7ff3fa;p=thirdparty%2Fopenssl.git

ssl/ssl_lib.c: Avoid crash when SSL_CONNECTION is NULL

Detection for sc == NULL is performed after sc is used. Add the
check to the correct place.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/27241)

(cherry picked from commit 7f6cc862c69800a72c49fcfe89e2931ee4ca2e7a)
---

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index d11613782dd..2c0d57e04a6 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -4743,6 +4743,9 @@ int SSL_do_handshake(SSL *s)
         return ossl_quic_do_handshake(s);
 #endif
 
+    if (sc == NULL)
+        return -1;
+
     if (sc->handshake_func == NULL) {
         ERR_raise(ERR_LIB_SSL, SSL_R_CONNECTION_TYPE_NOT_SET);
         return -1;