Fix OpenSSL remote denial of service vulnerability.

Approved by:	so
Security:	FreeBSD-SA-20:11.openssl
Security:	CVE-2020-1967
This commit is contained in:
gordon 2020-04-21 15:53:08 +00:00 committed by Franco Fichtner
parent 1e02935dc0
commit 444c5d8dba
1 changed files with 1 additions and 1 deletions

View File

@ -2099,7 +2099,7 @@ static int tls1_check_sig_alg(SSL *s, X509 *x, int default_nid)
sigalg = use_pc_sigalgs
? tls1_lookup_sigalg(s->s3->tmp.peer_cert_sigalgs[i])
: s->shared_sigalgs[i];
if (sig_nid == sigalg->sigandhash)
if (sigalg != NULL && sig_nid == sigalg->sigandhash)
return 1;
}
return 0;