coverity 1462581 Dereference after null check
authorPauli <paul.dale@oracle.com>
Sun, 26 Apr 2020 23:32:14 +0000 (09:32 +1000)
committerPauli <paul.dale@oracle.com>
Thu, 30 Apr 2020 10:21:33 +0000 (20:21 +1000)
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11651)

ssl/ssl_cert.c

index 51bfa43..4084049 100644 (file)
@@ -872,7 +872,10 @@ int ssl_build_cert_chain(SSL *s, SSL_CTX *ctx, int flags)
             untrusted = cpk->chain;
     }
 
-    xs_ctx = X509_STORE_CTX_new_with_libctx(s->ctx->libctx, s->ctx->propq);
+    if (s == NULL)
+        xs_ctx = X509_STORE_CTX_new_with_libctx(ctx->libctx, ctx->propq);
+    else
+        xs_ctx = X509_STORE_CTX_new_with_libctx(s->ctx->libctx, s->ctx->propq);
     if (xs_ctx == NULL) {
         SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, ERR_R_MALLOC_FAILURE);
         goto err;