From f508678b0f44e483c2576b14b28357fd8dceda8f Mon Sep 17 00:00:00 2001 From: Phillip Berndt Date: Tue, 21 Sep 2021 16:27:54 +0200 Subject: [PATCH] NULL-check s2n_cert_chain_and_key_get_pkey_type This adds POSIX_ENSURE_REF to guard the case where a certificate chain is empty. --- crypto/s2n_certificate.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/crypto/s2n_certificate.c b/crypto/s2n_certificate.c index edd41cff83d..319425d00fe 100755 --- a/crypto/s2n_certificate.c +++ b/crypto/s2n_certificate.c @@ -619,6 +619,9 @@ void *s2n_cert_chain_and_key_get_ctx(struct s2n_cert_chain_and_key *cert_and_key s2n_pkey_type s2n_cert_chain_and_key_get_pkey_type(struct s2n_cert_chain_and_key *chain_and_key) { + PTR_ENSURE_REF(chain_and_key); + PTR_ENSURE_REF(chain_and_key->cert_chain); + PTR_ENSURE_REF(chain_and_key->cert_chain->head); return chain_and_key->cert_chain->head->pkey_type; }