Commit 5281bb22 authored by Benjamin Kaduk's avatar Benjamin Kaduk
Browse files

Address coverity-reported NULL dereference in SSL_SESSION_print() 



We need to check the provided SSL_SESSION* for NULL before
attempting to derference it to see if it's a TLS 1.3 session.

Reviewed-by: default avatarKurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/6622)
parent 8794be2e

ssl/ssl_txt.c

+2 −1
Original line number Diff line number Diff line
@@ -33,10 +33,11 @@ int SSL_SESSION_print(BIO *bp, const SSL_SESSION *x) 
{

    size_t i;

    const char *s;

    int istls13 = (x->ssl_version == TLS1_3_VERSION);

    int istls13;



    if (x == NULL)

        goto err;

    istls13 = (x->ssl_version == TLS1_3_VERSION);

    if (BIO_puts(bp, "SSL-Session:\n") <= 0)

        goto err;

    s = ssl_protocol_to_string(x->ssl_version);