Don't use NULL-pointer :-/

[openssl.git] / ssl / ssl_sess.c

diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 29e6cc16ce4be23e726bd00878b318843dd468db..97c7f3325199ae3ab9bc7bfa9b62ff80baf04d7b 100644 (file)
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -168,6 +168,8 @@ int ssl_get_new_session(SSL *s, int session)
                        CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
                        if (r == NULL) break;
                        /* else - woops a session_id match */
+                       /* XXX should also check external cache!
+                        * (But the probability of a collision is negligible, anyway...) */
                        }
                }
        else
@@ -201,8 +203,9 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
                {
                CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
                ret=(SSL_SESSION *)lh_retrieve(s->ctx->sessions,(char *)&data);
-               /* don't allow other threads to steal it: */
-               CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
+               if (ret != NULL)
+                   /* don't allow other threads to steal it: */
+                   CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
                CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
                }